Microsoft's  VPN  embrace  Software 

maker  boosts  VPN  support  in  Windows  Server  2003.  PAGE  20. 


The  Web  browser  at  10 

laments  the  end  of  browser  creativity.  PAGE  25. 
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Low-speed  frame 
costs  on  the  rise 


■  BY  DENISE  PAPPALARDO 

While  rates  for  many  telecom 
services  have  long  plummeted, 
some  users  are  paying  up  to 
twice  as  much  today  for  low- 
speed  frame  relay  as  they  did  18 
to  24  months  ago,  according  to 
industry  watchers  and  those 
footing  the  bills. 

The  carriers  say  they 
need  to  regain  prof¬ 
itability  and  can  no 
longer  offer  low-mar- 
gin  services  at  yester¬ 
days  prices. 

Bay  State  Milling  in 
Quincy  Mass.,  encoun¬ 
tered  the  phenome¬ 
non  when  it  began  re¬ 
negotiating  a  frame 
relay  contract  with 
Sprint.  Not  only  did  the 
company’s  bills  increase 
approximately  10%  across 


the  board,  but  also  the  price  of 
one  128K  bit/sec  link  in  Florida 
doubled,  says  IT  Director  Kim 
Yaworsky 

Bay  State,  which  has  a  frame 
network  that  spans  seven  states 
in  the  U.S.,has  been  paying  $360 
per  month  for  T-l  access  on  its 
128K  bit/sec  frame  relay  link  in 
See  Prices,  page  60 


Frame  relay  still  works 
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Convergence 

on  tap  for  apps 


■  BY  PHIL  HOCHMUTH 

SAN  JOSE  —  News  out  of  last 
week’s  Voice  on  the  Net  show 
might  signal  that  long-promised 
converged  voice/data  applica¬ 
tions  are  just  around  the  corner. 

Siemens,  Microsoft  and  others 
laid  out  application  plans,  while  a 
host  of  speakers  discussed  the 
role  that  Session  Initiation  Proto¬ 
col  (SIP)  would  play  in  enterprise 
integration  efforts.  Conference 
sessions  —  many  of  them  well- 
attended  —  dealt  with  everything 
from  the  current  state  of  voice 
over  IP  (VoIP)  to  where  the  tech¬ 
nology  is  going. 

For  its  part,  Siemens  displayed 


OpenScape,  a  new  suite  of  SIP- 
based  software  tools  that  make  it 
possible  to  deliver  a  consolidated 
view  of  various  back-end  com¬ 
munications  and  collaboration 
systems.  End  users  employ  what 
Siemens  calls  a  Personal  Com¬ 
munications  Portal  to  access 
Microsoft  Exchange  e-mail,  calen¬ 
dars,  instant  messaging,  presence- 
based  telephony  features,  and 


voice  and  videoconferencing 
(see  graphic,  page  14). 

Users  can  list  their  status  (for  ex¬ 
ample, “in  the  office, ’’“working  re¬ 
mote^’ “unavailable”)  and  input 
their  preferred  phone  number 
(desk,  cell,  remote  office,  home), 
and  see  similar  details  for  col¬ 
leagues.  Buddy  lists  —  similar  to 
AOL’s  Instant  Messenger  —  show 
See  Apps,  page  14 


Firm  bullish  on  Web  services 

However,  Merrill  Lynch  exec  says  security,  mgmt.  issues  can  be  a  bear. 


■  BY  ANN  BEDNARZ 

BOSTON  —  Rick  Carey,  chief 
technology  architect  at  Merrill 
Lynch,  told  an  audience  of  CTOs 
last  week  that  his  company  is 
using  Web  services  to  tackle  oner¬ 


ous  application  integration  chal¬ 
lenges  and  reduce  the  burden  of 
proprietary  coding. 

“We  have  thousands  of  applica¬ 
tions  and  thousands  of  systems 
that  have  a  great  deal  of  difficulty 
interacting,”  Carey  said,  speaking 


at  CTO  Forum,  which  was  run  by 
InfoWorld,  a  sister  company  to 
Network  World. 

Merrill  Lynch  developers  have 
been  creating  reusable,  standards- 
based  Web  services  making  trans¬ 
action  information  locked  in  lega¬ 
cy  mainframe  systems  available  to 
other  applications.  This  frees 
developers  to  build  new  business 
features  rather  than  repetitive  in¬ 
frastructure  projects,  Carey  said. 

So  far  Merrill  Lynch’s  Web  ser¬ 
vices  foray  is  limited  to  internal 
application  connectivity.  Inade¬ 
quate  security  and  unreliable 
messaging  will  keep  the  firm  from 
See  Merrill,  page  16 


IP  PBX  vendors  are 
taking  very  different 
approaches  to 
implementing  VoIP, 
b  JHere’s  a  guide. 
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Products.  People. 
Problems  solved. 

From  servers  to  service,  Dell  has  the  solution. 


Dell  |  Small  and  Medium  Business 

Your  business  has  unique  needs.  It  deserves  a  unique  solution.  From  PowerEdge'“  servers  featuring  Intel® Xeon’" processors  to 
PowerVaulf  Storage  and  PowerConnect”  Network  Switches,  we  offer  tailored  solutions  to  meet  your  business  needs.  And  of  course 
it's  Dell,  so  you  know  you're  getting  the  latest  technology.  But  that's  only  half  of  the  story.  Dell  offers  consulting  services  that  range 
from  deployment  and  installation  to  training  and  certification.  All  from  one  source.  And  everything  is  backed  by  thousands  of  service 
and  support  people  at  your  beck  and  call,  on-site,  online  and  on  the  phone.  Suddenly  your  IT  infrastructure  doesn't  seem  so  daunting. 
Let  Dell's  one-of-a-kind  solutions  put  you  on  the  path  to  one-of-a-kind  success. 

Dell  Rated  #1  in  Intel-Based  Server  Satisfaction 

Technology  Business  Research 
Corporate  IT  Buying  Behavior  and  Customer  Satisfaction  Study 

Third  Quarter  2002 
-  December  2002 


Call:  M  F  7«  8p  Sat  8a  5p.  CT 

Pricing.  specifications,  availability  and  tarns  ol  oiler  may  change  without  notice  Taxes  and  shipping  chatges  extra,  and  vary  and  not  subiect  to  discounts  U  S  Dell  Small  Business  new  purchases  only  Dell  cannot  be  held  responsible  for  errors  in  typography  or  photography 
'This  device  has  not  Deen  approved  by  the  federal  Communications  Commission  lot  use  in  a  residential  environment  This  device  is  not.  and  may  not  be.  ottered  for  sale  or  lease,  or  sold  or  leased  for  use  m  a  residential  environment  irttil  the  approval  of  the  FCC  has  been  obtained 

'Se'i  <e  may  be  provided  by  thud  party  Technician  will  be  dispatched  following  phone-based  troubleshooting  Subiect  to  pans  availability,  geographical  restrictions  and  tarns  of  service  contract  Service  timing  dependent  upon  time  of  day  call  placed  to  Dell  US  only  'Monthly  payment  based 
on  43  month  60  Days  Same  Cash  Quicxloan  with  46  payments  at  9  99%  interest  rate  your  interest  late  and  monthly  payment  may  be  same  or  higher,  depending  on  your  creditworthiness  It  you  do  not  pay  the  balance  within  60  days  of  the  Quickloan  Commencement  Date  Iwtuch  is  live  days 
aft"  product  ships)  interest  w  II  accrue  during  those  first  60  days  and  a  documentation  fee  may  apply  OFFER  VARIES  BY  CREDITWORTHINESS  OF  CUSTOMER  AS  DETERMINED  BY  LENDER  Minimum  transaction  size  of  1500  required  Maximum  aggregate  financed  amount  tor  the  paperless 


Remote  Office  &  Fiie/Print  Sharing  Web  Server  Database 


PowerEdge™  600SC  Server 

Entry-Level  Server  with  Performance  Features 

•  Intel* *  Pentium*  4  Processor  at  2.40GHz 

•  128MB  266MHz  ECC  DDR  SDRAM 

•  Upgradeable  to  4GB  of  Memory 

•  36GB  (10K  RPM)  SCSI  Hard  Drive  (Up  to  146GB  HD  Avail.) 

•  Upgradeable  to  584GB  of  Internal  Hard  Drive  Storage 

•  Embedded  Intel®  PRO  Gigabit”  NIC 

•  Five  PCI  Expandability  Slots  (4-64/33MHz,  1-32/33MHz) 

•  Embedded  Systems  Mgmt  Devices  for  Error  Detection 

•  1-Yr  24x7  Dedicated  Server  Phone  Tech  Support 

•  1-Yr  Next  Business  Day  On-Site  Service’ 

CC  A  ffc  as  low  as  $18/mo„  (46  pruts”) 

E-VALUE  Code:  17266-  S20406c 

For  a  complete  server  solution  we  recommend  these  additions: 

•  PowerConnect  2016  16-Port  Ethernet  Switch,  add  $99 

•  PV100T-TR5  Internal  Tape  Back-Up,  add  $199 


PowerEdge™  1650  Server 

Highly  Available  1U  Rack-Optimized  Server 

•  Intel®  Pentium®  III  Processor  at  1 ,13GHz 

•  Dual  Processor  Capable  (Up  to  1.40GHz) 

•  256MB  1 33MHz  ECC  SDRAM  (Up  to  4GB) 

•  36GB  (10K  RPM)  SCSI  Hard  Drive  (Up  to  146GB  HD  Avail.) 

•  Upgradeable  to  438GB  of  Internal  Hard  Drive  Storage 

•  Dual-Embedded  Intel®  PRO  Gigabit”  NICs 

•  Two  PCI  Expandability  Slots  (2-64/66MHz) 

•  Hot-Swap  Redundant  Cooling  Fans 

•  3-Yr  Next  Business  Day  On-Site  Service1 

•  Small  Business  Pricing 

as  ^ow  as  $35/mo„  (46  pruts?) 

"I*  E -VALUE  Code:  17266- S20412c 

For  a  complete  server  solution  we  recommend  these  additions: 

•  PowerConnect  3024*  Managed  24+2 GB  Switch,  add  $549 

•  Custom-Install  Site  Survey,  add  $199 


PowerEdge™  2650  Server 

2U  Scalable  Rack  Server  with  High  Processing  Power 

•  Intel®  Xeon"  Processor  at  2.40GHz 

•  Dual  Intel®  Xeon"  Processor  Capable  (Up  to  2.80GHz) 

•  256MB  200MHz  ECC  DDR  SDRAM  (Up  to  6GB) 

•  36GB  (1  OK  RPM)  SCSI  Hard  Drive  (Up  to  146GB  HD  Avail.) 

•  Upgradeable  to  730GB  of  Internal  Hard  Drive  Storage 

•  Dual-Embedded  Gigabit”  NICs 

•  Dual-Channel  Integrated  SCSI  Controller 

•  Active  ID  Front  Bezel  for  Monitoring  System  Health 

•  3-Yr  Next  Business  Day,  On-Site  Service3 

•  Small  Business  Pricing 

as  low  as  $49/mo„  (46  pmts  ") 

I  /  E-VALUE  Code:  17266- S20417c 

For  a  complete  server  solution  we  recommend  these  additions: 

•  PowerConnect  3248*  Managed  48+2GB  Switch,  add  $999 

•  PowerVault  112T-DDS4  (Dual  Drive  Capable) 

Tape  Back-Up,  add  $1499 
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It  always  happens  with  the  last  piece... 


You  know  what  you  need,  but  you  just 
can't  find  it. 

Your  data  center  is  growing,  faster  than  your  resources. 
You  need  hands-on  control  of  your  local  server  racks  as 
well  as  the  servers  at  different  locations.  How  do  you 
complete  the  picture? 

With  one  of  Avocent's  enterprise-class  KVM  switches. 
Our  solutions  are  specifically  tailored  to  your  unique 
server  management  requirements. 


Direct  access  to  multiple  servers  from  your  data  center. 
Standard  IP  access  to  servers  in  any  location  world¬ 
wide.  Custom  configuration  for  the  level  of  access 
and  control  you  need.  Streamlined  cable  management. 
Feature-rich  software  designed  for  easy  installation 
and  system  administration. 

Now  you've  got  the  whole  picture.  Avocent's  advanced 
analog  and  digital  KVM  solutions  -  a  perfect  fit  for  your 
server  room. 


Download  our  free  whitepaper  KVM  for  the  Enterprise  at 

www  cv<  c  nt.com  or  call  us  at  1-866-AVOCENT  (286-2368),  ext.  3005. 


AvocenL 


Avocent,  the 


no  The  Power  ot  Being  There  are  trademarks  ot  Avocent  Corporation.  Copynght  £  2003  Avocent  Corporation. 


The  Power  of  Being  Therer» 


NetworkWorld 


News 

■  8  Management  vendors  beat  automation  drum. 

■  8  Veritas  CEO  Gary  Bloom  talks  about  how  the  company 

is  branching  out. 

■  10  Sprint  to  offer  Feds  their  own  Internet'. 

■  10  Microsoft  lets  Active  Directory  stand  alone. 

■  12  Nauticus  switch  helps  secure  data. 

■  12  Start-up  WholeSecurity  out  to  block  Trojans. 

■  12  Network  Associates  buys  Entercept  and  intruVert. 

■  16  Competition  forces  HP  to  slash  prices. 

■  60  Switch  eases  wireless  LAN  installation. 


Infrastructure 

■  17  Getting  Gigabit  to  desktops. 

■  17  Fortinet  uncorks  security 
management  application. 

■  18  SuSE  Linux  desktop  slated 
for  June  debut. 

■  18  Dave  Kearns:  Every  day 
is  Valentine's  Day. 

■  20  Special  Focus: 

Infrastructure:  The  ubiquitous  VPN. 

Enterprise 

Applications 

■  25  Andreessen  laments  stagna¬ 
tion  in  browser  development. 

■  25  Recovery  tool  targets 
Windows  operating  system  failures. 

■  26  Scott  Bradner:  Bad  law 

or  really  bad  law? 

Service  Providers 

■  29  AT&T  offers  new  VoIP 
choices,  including  IP  PBX  support. 

■  29  Equinix  touts  new  multihom¬ 
ing  service. 

■  31  Johna  Till  Johnson: 

Service  providers  need  to  think 
'integration'. 


The  Edge 

■  33  Riverstone  Networks  lowers 
entry  bar  for  10G. 

■  33  Internet  Photonics  releases 
new  GSLAM. 

■  35  Apptix  raises  autoprovisioning 
platform. 

Technology  Update 

■  37  WebDAV  secures 
collaboration. 

■  37  Steve  Blass:  Ask  Dr 

Internet. 

■  38  Mark  Gibbs:  Windows 
registry  magic. 

■  38  Keith  Shaw:  The  latest 
cool  stuff  from  our  labs. 

Opinions 

■  40  Editorial:  IP  PBX  debate 
brings  on  fireworks. 

■  41  Robert  Gezelter:  The 

need  for  DNS  resiliency. 

■  41  Frank  Dzubeck:  More 
on  tech  discontinuity. 

■  62  BackSpin:  Worser  and 
worser  laws. 

■  62  'Net  Buzz:  Lawmaker's 
turn  at  bat  for  Qualcomm  is  a  whiff 
on  several  counts. 


Management 

Strategies 

■  49  Where  the  jobs  are:  Despite 
the  economic  malaise,  there  are 
still  pockets  of  industries  that  have 
IT  openings. 

The  Satellite  Pro 
comes  with 
802.1  la/b 
capabilities. 

Page  38. 
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Features 

VoIP  variables:  Traditional  PBX  vendors  and 
newcomers  to  the  market  are  all  developing  IP  PBXs, 
but  there's  little  consistency  when  it  comes  to  how  the 
vendors  support  standards,  how  they  provide  backup 
and  how  they  design  the  basic  architecture  of  their 
call  control  mechanisms.  Page  43. 


Sector  Spotlight  The  oil  industry  is 
turning  to  Linux  clusters  for  high-end 
computing.  Page  46. 


Face-Off:  We  all  know  that  some  small 
groups  within  large  organizations  are  putting  in 
wireless  LANs,  but  is  wireless  LAN  technology 
ready  for  a  full-scale  rollout  across  a  company. 

Page  48. 


Interactive 

Forum:  Weighing  NAS  options 

“Small  Business  Tech"  columnist  James  Gaskin's  recent  comparison  of 
Linksys  vs.  Snap  Server  devices  for  the  small  network  sparked  a  lot  of 
comments  from  readers,  especially  those  not  too  keen  on  Linksys. 

DocFinder:  5031 
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Columnists 

Compendium 

Build  your  own  Google  interface 
Fusion  Executive  Editor  Adam  Gaffin  introduces  you  to  Elwyn 
Jenkins,  who  can  tell  you  how  to  build  your  own  Google 
search  form.  DocFinder:  5034 


Forum:  Microsoft's  shifting  plan  has  users 
frustrated 

So  what's  the  deal  with  Microsoft's  collaboration  strategy?  Some  say 
it's  Microsoft  just  being  Microsoft:  “What  did  you  expect?"  asks  one 
reader.  DocFinder:  5032 

Top  ISP  Report  -  February 

Is  your  ISP  measuring  up?  Find  out  with  our  Top  ISP  Report,  a  joint 
venture  between  Network  World  and  eTesting  Labs’  Internet 
BenchMark  service.  DocFinder:  5033 

Wireless  LAN  Buyer’s  Guide 

In  the  market  for  WLAN  gear?  Compare  and  contrast  185  wireless  LAN 
switches,  gateways,  antennas  and  more. 

DocFinder:  4931 
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Home  Base 

Make  a  big  impression 

Columnist  Jeff  Zbar  looks  at  SOHO  phone  services  that  pro¬ 
vide  corporate  PBX  features  without  the  cost  or  headaches 
of  the  original.  DocFinder  5035 

Telework  Beat 

More  fuzzy  math 

Net.Worker  Managing  Editor  Toni  Kistner  examines  a  federal 
report  and  wonders  whether  the  federal  government  is  really 
meeting  its  telework  goals.  DocFinder:  5036 

Digital  Domicile 

Beyond  Ethernet  and  Wi-Fi 

Columnist  Mike  Wolf  takes  a  look  at  unusual  approaches  to 
the  connected  home,  such  as  Serconet,  which  creates  an 
Ethernet  backbone  over  in-home  phone  wiring. 

DocFinder:  5037 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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Report  on  Microsoft  security  mixed 

■  A  report  released  by  Forrester  Research  last  week  shows  that 
security  is  still  tops  the  list  of  concerns  for  Microsoft  users,  but 
that  those  concerns  are  not  deterring  them  from  deploying 
Windows-based  applications.  Seventy-seven  percent  of  IT  secur¬ 
ity  experts  at  companies  with  more  than  $1  billion  in  annual  rev¬ 
enue  say  they  have  experienced  Windows  security  problems  in 
the  past  year.  But  89%  of  the  35  respondents  said  they  still  run 
sensitive  applications  on  the  Windows  operating  system.  The 
Forrester  report  lauded  Microsoft  for  its  ongoing  efforts  to  clean 
up  its  security  problems,  but  says  the  company  still  has  work  to 
do,  specifically  with  patch-management  tools. The  report  says  the 
answer  to  better  security  lies  in  a  partnership  that  connects 
Microsoft,  independent  software  vendors,  and  users  throughout 
the  development,  deployment  and  operations  phases  when  run¬ 
ning  the  Windows  platform. 

IDG  tempers  global  growth  forecast 

■  Unless  the  war  in  Iraq  drags  on,  global  IT  spending  will  rebound  this  year,  although 
not  by  as  much  as  previously  forecast,  1DC  says.The  new  forecast  sees  spending  increase 
2.3%  over  last  year,  a  downward  revision  of  a  previous  forecast  that  saw  growth  of  3.7%. 
War  and  uncertainty  about  the  global  economy  were  cited  as  causes.  Assuming  a  “rela¬ 
tively  short  war"  and  economic  stability,  IDC  predicts  global  IT  spending  this  year  will 
reach  $852  billion. Overall  growth  will  continue  next  year,  with  an  increase  of  4%  to  6%, 
and  hit  6%  to  7%  in  2005, analysts  said,  with  the  global  IT  market  hitting  $1  trillion  in  rev¬ 
enue  by  2006.  IDC  is  optimistic  about  an  increase  in  network  equipment  purchases,  dri¬ 
ven  partly  by  widespread  broadband  adoption  and  data  network  growth.lt  also  predicts 
that  the  converged  handheld  market  will  provide  a  key  boost  to  hardware,  which  will 
have  a  tougher  time  recovering  because  of  “fierce  price  competition  and  continued 
capital  expenditure  declines  from  telecom  operators,”  IDC  said. 

Apache  upgrade  addresses  security  issues 

■  The  latest  release  of  Apache  2.0  fixes  a  number  of  security  vulnerabilities  including 
an  as-yet-undisclosed  flaw  that  could  be  used  to  launch  a  denial-of-service  attack 
against  machines  running  the  popular  Web  server,  according  to  information  released  by 
the  Apache  Software  Foundation.The  new  release, Version  2.0.45,  is  intended  “principally 
as  a  security  and  bug  fix  release,”  according  to  the  ASF  Foremost  on  the  list  of  fixed  vul¬ 
nerabilities  was  a  security  hole  discovered  by  David  Endler,  director  of  Technical 
Intelligence  at  security  intelligence  firm  iDefense.  Details  on  the  vulnerability  Endler  dis¬ 
covered  were  not  disclosed,  but  Apache  2.0  users  were  encouraged  to  upgrade.  Endler 
will  publish  a  report  on  the  vulnerability  this  week,  according  to  the  ASF 

COMPENDIUM 

New  user  for  power  over  Ethernet? 

Mike  Gundertoy  has  an  idea  for  software  that  displays  Weblog  headlines:  "You  know 
what  I  really  want  from  my  news  aggregator?  A  filter  I  could  turn  on  to  simply  destroy 
any  incoming  message  on  the  merits  of  C#  vs.  VB  or  Hungarian  naming.  Perhaps  one 
that  would  go  out  and  actually  delete  the  originating  Web  site  could  be  a  value-add  for 
the  Professional  Edition.”  Find  out  more  at  www.nwfusion.com, 

DocFinder:  5038. 


www.nwfusion.com 


Tht  GoodTheBatfTheUgly 


Dell  is  swell.  While  so  many  network  companies  are  stumbling,  Dell 
continues  to  zip  along.  COO  and  President  Kevin  Rollins  last  week  told  financial 
analysts  that  the  company's  goal  of  boosting  annual  revenue  to  $60  billion  is 
looking  realistic  for  the  $35.4  billion  company.  “We're  seeing  double-digit  year- 
over-year  revenue  growth  in  all  regional  markets  and  customer  segments,"  he 
boasted. 

They  should  know  better.  High-tech  companies  need  to  treat 
their  customers  better  online,  according  to  a  survey  of  500  Web  sites  recently 
conducted  by  consulting  firm  The  Customer  Respect  Group.  Noting  that  a  one- 
third  of  high-tech  companies  don’t  respond  to  e-mail  inquiries  through  their  Web 
sites,  CEO  Donal  Daly  says  "[G]iven  the  dramatic  slump  in  high-tech  fortunes 
during  the  past  few  years  and  their  ^ 
in-house  technology  talent, 
it's  amazing  all  firms  in 
this  sector  don't  make 
a  stronger  effort  with  1 
their  Web  sites."  >- 


How  do  you  really  feel,  Larry?  Oracle  CEO  Larry  Ellison 
let  loose  on  Microsoft  last  week  at  an  Oracle  partners  event:  ‘‘[Microsoft  has] 
already  been  killed  by  one  open  source  product  [Apache],  Slaughtered,  wiped 
out,  taken  from  market  dominance  to  irrelevance.  They  had  a-virtual  monopoly 
on  Web  servers,  and  then  they  were  wiped  off  the  face  of  the  earth.  And  it's 
going  to  happen  to  them  again  on  Linux." 


Van  Siclen  resigns  from  Interwoven 

■  Interwoven  President  and  CEO  John  Van  Siclen  resigned  last  week.  Company  chair¬ 
man  Martin  Brauns,  who  was  CEO  from  1998  to  2002  when  Van  Siclen  took  over,  will  fill 
in  as  interim  CEO  until  a  replacement  is  named,  the  content  management  software  ven¬ 
dor  said.  Van  Siclen  joined  Interwoven  in  1999  as  vice  president  of  business  develop¬ 
ment  and  later  was  promoted  to  COO.  Interwoven  will  report  quarterly  results  April  17, 
but  said  last  week  that  it  expects  total  revenue  in  the  range  of  $24.5  million  to  $25.5  mil¬ 
lion  and  a  loss  of  about  10  cents  per  share. 

Recording  industry  group  sues  students 

■  The  Recording  Industry  Association  of  America  has  sued  four  university  students  who 
allegedly  ran  file-sharing  networks  on  their  schools  local  networks.The  students,  two  at 
the  Rensselaer  Pblytechnic  Institute  and  one  each  at  Princeton  University  and  Michigan 
Technological  University,  operated  “local-area  Napster  networks,”  the  R1AA  said  in  a  state¬ 
ment  last  week.  File-swapping  pioneer  Napster  was  shut  down  by  the  entertainment 
industry  two  years  ago.  The  RIAA  had  previously  identified  campuses  as  a  hotbed  of 
music  piracy,  but  the  lawsuits  are  the  first  the  organization  has  filed  against  students. 
Before,  the  RIAAs  legal  fire  was  aimed  mostly  at  companies  offering  fileswapping  soft¬ 
ware  such  as  Kazaa  and  Morpheus. 


ARE  THE  SEVEN  DEADLY  INTERNET  SINS 
IMPACTING  YOUR  INFORMATION  SYSTEMS? 

(Stop  multi-media  download*) from | 
eating  up  your  IT  resourced.  j 

W  W 

Movies.  Music.  Interactive  gaming.  In  the  office,  online 
entertainment  can  add  up  to  heavy  network  loads. 

Now  you  can  turn  to  Websense  Enterprise  software  to 
trim  down  excessive  employee  bandwidth  use.  Block 
streaming  media,  set  real-time  thresholds  on  network- 
based  applications,  or  restrict  protocols  that  tunnel 
over  port  80  with  Websense  Enterprise’s  flexible  filter¬ 
ing  options.  Websense  also  lets  you  monitor  bandwidth 
overindulgence  in  real-time.  And  because  it’s  easy  to 
install  and  integrates  seamlessly  with  the  leading 
firewalls,  proxy  servers,  routers,  network  switches  and 
caching  appliances,  Websense  Enterprise  makes  getting 
started  simple.  Trust  the  pioneer  of  the  employee 
Internet  management  category  to  get  your  bandwidth 
use  back  in  shape.  For  more  information  or  to 
download  a  free,  30-day  trial  of  Websense  Enterprise 
visit  www.websense.com  today. 


EMPLOYEE  INTERNET  MANAGEMENT 


NASDAQ:  WBSN 
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Mgmt  vendors  beat  automation  drum 

BMC  and  IBM  Tivoli  separately  announce  software  to  automatically  manage  networks. 


■  BY  DENISE  DUBIE 

IBM  and  BMC  Software  this 
week  separately  will  announce 
product  road  maps  that  industry 
watchers  say  will  begin  to  deliver 
real-time  automation  and  service 
management  features  that  ven¬ 
dors  have  long  promised  enter¬ 
prise  customers. 

IBM  will  unveil  the  Tivoli  Auto¬ 
nomic  Monitoring  Engine  at  its 
DeveloperWorks  Live  and  Planet 
Tivoli  conference  in  New  Or¬ 
leans.  The  company  says  the  soft¬ 
ware  will  help  customers  create 
links  among  end  users,  resources 
and  business  processes  to  more 
effectively  manage  applications 
and  services. 

Network  managers  will  config¬ 
ure  the  server  software  to  monitor 
specific  business  services, such  as 
help  desk,  or  applications  such  as 
SAP’s  CRM  software.  From  there, 
the  autonomic  engine  will  use 
rules  built  into  the  software  (or 
tailored  upon  installation  by  the 
customer)  to  correlate  data  from 


disparate  sources,  detect  poten¬ 
tial  problems  and  take  appropri¬ 
ate  corrective  action. 

The  primary  difference  be¬ 
tween  Tivoli’s  Autonomic  Mon¬ 
itoring  Engine  and  automation 
features  in  products  from  IBM 
and  others  is  that  Tivoli  wrote  the 
software  to  include  the  most 
common  problems  and  fixes  to 
specific  network  devices, systems, 
servers,  databases  and  applica¬ 
tions.  To  activate  automation  in 
many  management  tools,  net¬ 
work  managers  have  to  configure 
the  software  when  installed  to 
take  corrective  action.  In  this 
case, Tivoli  executives  say  the  soft¬ 
ware  comes  with  300  resource 
models,  or  predefined  if-then  sce¬ 
narios  to  help  the  software  self- 
manage  and  self-heal,  two  tenets 
of  IBM’s  autonomic  computing 
initiative. 

Rick  Sturm,  senior  analyst  at 
Enterprise  Management  Associ¬ 
ates,  says  Tivoli  is  delivering  an 
automation  tool  that  can  be  slow¬ 
ly  integrated  into  an  enterprise 


network  manager’s  tool  kit.  While 
IBM  says  it  will  include  autonom¬ 
ic  features  throughout  its  Web¬ 
Sphere,  DB2,  Lotus,  Rational  and 
Tivoli  software  divisions,  Sturm 
says  the  logical  place  for  IBM  to 
start  proving  it  can  automate 
computing  is  within  its  network 
and  systems  management  arm. 

Corporations  have  had  to  suffer 
through  long  deployment  cycles 
and  poor  software  in  the  past. 
Sturm  says  things  are  changing, 
but  slowly 

“It’s  not  going  to  be  that  sud¬ 
denly  everything  is  automated;  it’s 
going  to  be  one  piece  at  a  time,” 
he  says. “Tivoli  has  been  building 
intelligence  into  their  software  to 
make  IT  operations  more  effi¬ 
cient.  No  one  is  ever  perfect,  but 
they  have  been  making  signifi¬ 
cant  strides.” 

The  software  is  expected  to  be 
generally  available  this  fall,  and 
pricing  has  yet  to  be  determined. 
An  autonomic  tool-kit  version  of 
the  software  is  in  beta  trials  with 
See  Management,  page  14 


The  three  S’s 

In  addition  to  introducing  autonomic  computing  tech¬ 
nology,  Tivoli  is  enhancing  its  systems,  storage  and 
security  monitoring  product  lines  with  these  offerings: 

Product  line  Product 

What's  new 

System  Service  Level  Service-level  agreement  wizard  builds 

Advisor  1.2.1  SLAs;  visualized  SLA  reports. 

Enterprise 
Console  3.9 

Web  console  for  remote  access;  pre- 
corrfigured  rules  forevent  management. 

Remote 
Control  3.8 

Support  across  firewalls;  central  logging. 

Storage  Storage 

Manager  5.2 

Improves  firewall  security-enabled 
backups  without  client-initiated  sessions. 

Storage 
j  Resource 
Manager  1.2 

Automated  file  system  extension  for 

AIX  and  Solaris. 

SAN 

Manager  1.2 

Automated  error  detection  and  fault 
isolation. 

Security  Access 

j  Manager 

Integration  with  nine  third-party 
products,  including  nCipher’s  nForce 
hardware  security  module  and 
OpenConnect  Systems’ WebConnect 
with  Single  Sign-On. 

CEO  speaks 
of  Veritas 
branching 
out 

Network  World  Senior  Editor 


Deni  Connor  recently  spoke  with  Veritas  CEO 
Gary  Bloom,  who  for  the  first  time  talked  publicly 
about  the  company’s  plans  to  integrate  the  prod¬ 
ucts  of  two  acquisitions  —  application  and  per¬ 
formance  management  company  Precise 
Software,  and  sewer  and  storage  provisioning 
start-up  Jareva. 

How  will  their  products  fit  into  your  software  strategy? 

They  will  move  us  not  only  into  the  server  virtualiza¬ 
tion  market  but  also  into  the  application  performance 
management  market,  as  well  as  into  storage  resource 
management.  Jareva  does  exactly  for  servers  what 
Veritas  does  for  storage  —  get  better  utilization  of 
servers  and  manage  them  with  significantly  fewer 


people.There’s  a  natural  synergy  that  says  if  we  are 
already  managing  a  customer’s  storage  environment, 
let  Veritas  manage  their  server  environment  and  give 
their  network  better  performance. 

Does  that  mean  Veritas  will  be  doing  server  provisioning? 

Yes.  What  Jareva  does  is  put  all  the  servers  into  a 
pool  like  virtualization  does  in  the  storage  world  and 
lets  administrators  allocate  server  capacity  based  on 
performance  requirements. You  can  share  and  move 
resources  to  applications  at  the  end  of  the  month  for 
financial  closing  operations.  Jareva  lets  you  resource- 
share  your  server  and  storage  hardware,  and  get  bet¬ 
ter  performance  with  less  acquisition  cost. 

Are  you  looking  at  this  from  an  application  or  business- 
process  point  of  view  as  far  as  managing  server  and  stor¬ 
age  resources? 

What  Veritas  does  today  is  provide  a  highly  avail¬ 
able  infrastructure,  which  uses  resources  efficiently. 
Now  we  will  be  able  to  manage  the  performance  of 
applications.The  Precise  software  may  find  that  an 
Oracle  application  doesn’t  have  enough  storage 
allocated  to  it,  so  it  might  automatically  add  capac¬ 
ity  to  the  storage.  It  may  determine  that  a  SAP  appli¬ 
cation  needs  more  server  capacity  and  communi¬ 
cate  with  the  Veritas  and  Jareva  software  to  add 
more  server  capacity. 

We  will  be  able  to  dynamically  allocate  resources 
based  on  a  viewpoint  from  the  application  user  all 
the  way  through  the  data  stored  on  disk.The  soft¬ 
ware  also  lets  you  look  at  all  those  layers  and  says 


why  aren’t  you  getting  optimal  performance.  Once 
you  have  predictive  information  on  what’s  wrong, 
you  can  immediately  go  to  the  next  step  with  the 
Veritas  resources  underneath  and  fix  the  problem 
automatically. 

What  are  you  seeing  as  the  impact  of  the  economy  on  IT 
thinking  and  spending? 

We  have  a  handful  of  macro-economic  things 
going  on,  whether  it  is  the  ongoing  weakness  of  the 
economy  the  war  in  Iraq  or  the  SARS  respiratory  dis¬ 
ease.  But  at  the  same  time,  nothing  has  fundamen¬ 
tally  changed.  It’s  still  conservative  in  IT  spending.  At 
some  point  IT  has  to  make  adjustments,  which  have 
to  do  with  the  life  span  of  technology  in  the  market 
and  with  looking  for  ways  two  to  three  years  into  a 
downturn  to  actually  change  their  cost  model  for 
their  IT  operations. . .  .We  can  show  them  how  to 
more  efficiently  manage  their  storage  environments, 
ultimately  saving  them  capital  acquisition  costs  but 
also  making  their  IT  labor  more  efficient. 

Is  that  saying  you  want  IT  to  look  at  existing  products  and 
how  they  can  be  improved  with  new  features? 

Sure,  a  lot  of  it  is  taking  advantage  of  the  low  uti¬ 
lization  rates  in  storage  that  most  customers  have 
today.  If  you  go  back  two  years,  average  utilization 
rates  by  most  studies  was  35%  to  40%.  When  I 
talked  to  CIOs,  they  said  their  utilization  was  10%  to 
20%.  Now,  industry  studies  say  utilization  is  moving 
closer  to  50%.That  still  means  that  half  of  your  stor¬ 
age  is  underutilized.  ■ 


FREE  White  Paper! 

On  Avoiding  Costs  from  Oversizing 
Server  Room  Infrastructure 


Just  mail  or  fax  this  completed 
coupon  or  contact  APC  for  your 
FREE  white  paper  •  On  Avoiding 
Costs  from  Oversizing  Server 
Room  Infrastructure  Also 
receive  our  FREE  InfraStuXure” 
brochure.  Better  yet,  order  both 
today  at  the  APC  Web  site! 


Key  Code 

http://promo.apc.com _ j738y 

(888)  289-APCC  x2762  •  FAX:  (401 )  788-2797 


Legendary  Reliability” 


rnrr  i  ■  >■  n  On  Avoiding  Costs  from  Oversizing 
rHtb  White  Paper  Server  Room  Infrastructure 

□  YES!  Please  send  me  my  FREE  white  paper  and  InfraStuXure”  brochure. 

□  NO,  I'm  not  interested  at  this  time,  but  please  add  me  to  your  mailing  list. 
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Company: 

Address:  Address  2: 


City/Town: State: Zjjx_ Country: 

Phone: _ Fax; _ E-mail: _ 

I  I  Yes!  Send  me  more  information  via  e-mail  and  sign  me  up  for  APC  PowerNews  e-mail  newsletter.  |  Key  Code  j738y  j 

What  type  of  availability  solution  do  you  need? 

□  UPS:  0-1 6kVA  (Single-phase)  □  UPS:  1 0-80kVA  (3-phase  AC)  □  UPS:  80+ kVA  (3-phase  AC)  □  DC  Power 

□  Network  Enclosures  and  Racks  □  Precision  Air  Conditioning  □  Monitoring  and  Management 

□  Cables/Wires  □  Mobile  Protection  □  Surge  Protection  □  UPS  Upgrade  □  Don't  know 
Purchase  timeframe?  □<  1  Month  □  1-3  Months  □  3-12  Months  □  1  Yr.  Plus  □  Don't  know 
You  are  (check  1):  □  Fiome/Flome  Office  □  Business  (<1000  employees)  □  Large  Corp.  (>1000  employees) 
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Legendary  Reliability' 


Are  you  really  as  dense 
as  we  think  you  are? 


As  racks  become  increasingly  popu¬ 
lated  with  thinner,  deeper  servers, 
high  power  densities  in  your  server 
room  or  data  center  can  create 
havoc,  from  early  equipment  failures 
to  expensive,  forget-about-your-job- 
security  downtime. 

Introducing  InfraStruXure™  architec¬ 
ture,  the  industry's  only  patent-pend¬ 
ing,  network-critical  physical  infra¬ 
structure.  InfraStruXure""  lets  you 
target  power  and  cooling  precisely 
where  your  mission-critical  applica¬ 
tions  live — the  rack  enclosure. 


[hot  air] 


And  because  InfraStruXure  architec¬ 
ture  uses  a  modular,  manageable,  pre¬ 
engineered  approach,  you  can  select 
standardized  components  to  create 
your  own  customized  solutions. 

Which  means  you  can  target  avail¬ 
ability,  pay  as  you  grow,  adapt  to 
change,  and  maximize  efficiency 
while  minimizing  installation,  operat¬ 
ing,  service,  and  maintenance  costs. 

In  times  like  these,  it  pays  to  think 
smart.  For  more  information  on 
InfraStruXure's  open,  adaptable, 
and  integrated  architecture  for  on- 
demand,  network-critical  physical 
infrastructure,  visit  us  online  today 
at  www.apc.com. 


ImiMwrtCowfifiw  BCSt 

New  Technology 

Awards  »f  FOSE 

tyfnttor  2  0°^ 


Winner  of  the  Windows  and  .Net  Magazine  "2002 
Reader's  Choice  Award  for  Best  High  Availability 
Solution"  and  the  GCN  " Best  New  Technology 
Award"  at  FOSE,  March  2002.  I Awarded  to 
PowerStruXurem,  which  is  now  included  under  the 
InfraStruXure ”  brand.) 


SC 


Infrastructure 


POWER  RACK  AIR 


Open,  adaptable  and  integrated 
architecture  for  on-demand 
network-critical  physical  infrastructure 


High  power  densities  can  create  hot 
spots,  which  cause  equipment  failures 
and  expensive  downtime. 


BEFORE 


[cold  air] 


InfraStruXure's  advanced  cooling 
components  help  remove  heat  from 
your  servers  and  target  air  circulation 
where  it  is  most  needed. 

Air  components  designed  for 
InfraStruXure M  are  manageable  via 
network  technology,  and  feature  a 
modern,  reliable  design  with  fewer 
moving  parts. 


AFTER 
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Equipment  Racks 


Batteries 


UPSs 


Traditional  data  centers  are  built  out 
for  future  capacity  and  require  a 
large  amount  of  floor  space  that 
could  be  otherwise  utilized.  High 
power  density  racks  create  danger¬ 
ous  hot  spots. 


InfraStruXure"  lets  you  build  out  capacity 
only  as  it's  required.  Save  up  to  50% 
CapEx  and  20%  OpEx*,  and  reclaim  an 
average  of  20%  usable  space. 
InfraStruXure  AIR  delivers  cooling 
directly  where  it  is  needed,  eliminating 
dangerous  hot  spots. 


For  a  closer  look  at  InfraStruXure™ ,  attend  a  FREE  APC  Executive 
Breakfast  Seminar  in  your  area.  For  more  information  visit: 
http://promo.apc.com  and  enter  key  code  below. 

*  Representative  savings  based  on  projected  power  infrastructure  build-out  costs  and  estimated  service  cost  per  unit 
Actual  savings  may  vary. 


"Our  Video  on  Demand  (VOD) 
servers  are  air  cooled  from  front 
to  back.  The  APC  racks  that 
house  the  InfraStruXure  are  also 
designed  to  cool  from  front  to 
back.  So  the  same  racks  can 
effectively  house  our  power  sys¬ 
tem  and  our  servers. " 

Vince  Pombo 
Vice  President  of  Engineering 
Rich  Flanders 
Director  of  Engineering 
Time  Warner  Cable 

"If  I  had  purchased  the  incum¬ 
bent  vendor's  3-phase  upgrade 
model,  I  would  have  paid  75% 
more  in  service  costs  over  the 
next  four  years  and  I  would 
have  had  to  utilize  50%  more  of 
my  precious  floor  space." 

Captain  Timothy  Riley 
Support  Services  Division 

City  of  Newport  Beach  Police  Department 


Every  product  carrying  this  mark  has 
been  tested  and  certified  for  use  with 
InfraStruXure”  architecture.  Before 
you  buy,  check  for  the  X  to  guarantee 
product  compatibility. 


Legendary  Reliability 
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Sprint  to 
offer  Feds 
their  own 
‘Internet' 

■  BY  GRANT  GROSS 

WASHINGTON,  D.C.  —  Sprint 
last  week  announced  plans  for  a 
summer  launch  of  a  private  IP 
network  aimed  at  security-con¬ 
scious  Li.S.  government  agencies. 

The  unnamed  network  will 
mimic  Sprints  SprintLink  enter¬ 
prise-class,  IP  backbone  net¬ 
work  and  offer  most  of  the  same 
features,  except  that  it  won’t  be 
connected  to  the  Internet. 

Available  services  will  include 
virtual  LANs,  VPNs  and  voice 
over  IP  and  Sprint  will  charge  a 
10%  to  15%  premium  over  the 
cost  of  SprintLink. 

The  “government-grade”  pri¬ 
vate  Internet  should  have  one 
or  two  agencies  as  customers 
by  its  launch  in  June,  a  Sprint 
spokesman  says.  The  service  is 
designed  to  ease  customer  wor¬ 
ries  that  “someone  in  an  Inter¬ 
net  cafe  in  Beijing  could  get 
into  the  network,”  the  spokes¬ 
man  says. 

Customers  using  the  network 
would  have  to  use  SprintLink  or 
another  public  backbone  for 
outside  e-mail  or  Web  surfing, 
but  individual  users  won’t  be 
able  to  tell  when  they’re  switch¬ 
ing  back  and  forth,  he  says. 

Berge  Ayvazian,  senior  re¬ 
search  fellow  with  The  Yankee 
Group,  says  Sprint’s  timing  is 
good, given  that  U.S. government 
agencies  are  becoming  aware 
of  security  issues. 

The  Sprint  project  is  the  first 
such  private  IP  network  for  gov¬ 
ernment  users,  Ayvazian  says, 
and  he  sees  customers  convert¬ 
ing  from  other  private  network 
services  that  don’t  use  IRsuch  as 
frame  relay. 

Ayvazian  isn’t  sure  how  big  the 
market  will  be  for  such  services, 
but  he  notes  that  the  cost  to 
Sprint  was  minimal  because  the 
company  is  using  Cisco  gear 
recycled  from  the  carrier’s  Inte¬ 
grated  On-Demand  Network 
broadband  service,  aborted  late 
last  year. 

Sprint  did  not  disclose  the 
cost  of  constructing  the  new 
network. 

Grass  is  a  correspondent  with 
IDG  News  Service  's  Washington 
D  C  bureau. 


Microsoft  eases  directory  work 


■  BY  JOHN  FONTANA 

REDMOND,  WASH. —  Microsoft 
is  preparing  for  a  major  evolution 
of  Active  Directory  this  summer 
that  will  allow  it  to  play  catch-up 
with  competitors  and  provide 
companies  the  ability  to 
more  easily  use  the  soft¬ 
ware  to  support  Web- 
based  and  other  appli¬ 
cations. 

Microsoft  last  week 
released  the  first  public  beta  ver¬ 
sion  of  Active  Directory/Appli¬ 
cation  Mode  (AD/ AM),  a  simple 
Lightweight  Directory  Access  Pro¬ 
tocol  (LDAP)-based  directory  to 
support  applications.  AD/ AM  is  a 
stand-alone  version  of  the  direc¬ 
tory  that  operates  on  Windows, 
but  does  not  require  integration 
with  a  corporation’s  Active  Direc¬ 
tory  infrastructure. 

AD/AM  can  be  dedicated  to 
one  application  to  isolate  data 
specific  to  that  application,  such 
as  policies  or  management  infor¬ 
mation.  AD/AM  prevents  the 
core  Active  Directory  from  get¬ 
ting  bogged  down  with  the  type 
of  information  that  would  foster 
changes  to  the  directory’s 
schema,  which  defines  its  struc¬ 
ture  and  content.  Directory-en¬ 
abled  applications  almost  always 
require  schema  changes,  which 
add  data  to  the  directory  and 
complexity  to  its  operation. 

While  AD/ AM  serves  as  an  inde¬ 
pendent  data  repository,  it  can 
rely  on  Active  Directory  as  a  user 
authentication  engine,  meaning 
companies  don’t  have  to  repli¬ 
cate  that  information  to  AD/AM. 

“AD/ AM  is  very  interesting,”  says 
a  directory  administrator  for  a 


Lightweight  Active  Directory 

Microsoft’s  forthcoming  Active  Directory/Application 
Mode  (AD/AM)  is  a  directory  based  on  the  Lightweight 
Directory  Access  Protocol  (LDAP)  that  lets  users  more 
easily  support  Web  applications. 


j  -  ; 

Portal  application  uses  NOS 
directory  to  authenticate  user. 


Client  requests  access  to  portal 
application  from  Web  server. 
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Which  management 
software  company  has 
acquired  firms  IT 
Masters  and  Remedy? 


Answer  this  and  nine  additional  questions 
online  and  you  could  win  $500!  Visit 
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large  multinational  company 
who  asked  not  to  be  identified.“It 
represents  a  maturity  for  [Active 
Directory].  For  people  who 
understand  directories  this  perks 
up  their  ears  because  they  know 
it  can  ease  support  problems  and 
reduce  replication  traffic.” 

The  administrator  says  his  com¬ 
pany  has  more  than  10G  bytes  of 
data  in  its  Active  Directory,  which 
creates  a  lot  of  replication  traffic. 
“We  have  divisions  that  want  to 
use  the  directory  to  support  their 
applications,  but  that  would 
change  our  schema  and  add  to 
our  replication  problem.” 

He  says  it  would  be  nice  for 
those  divisions  to  have  a  dedicat¬ 
ed  directory,  especially  one  his 
staff  is  trained  to  support. 

“AD/AM  opens  up  an  opportu¬ 
nity  for  Microsoft  to  do  some¬ 
thing  in  the  enterprise  and  e- 
business  roles  that  they  were 
restricted  from  doing,”  says  Mike 
Neuenschwander,  an  analyst 
with  Burton  Group. 

The  restrictions  came  because 
Active  Directory  which  is  the  only 
directory  baked  into  an  operating 
system,  is  complicated  to  deploy 
The  directory  must  sit  on  its  own 
server,  called  a  domain  controller, 
and  must  be  run  with  other  oper¬ 
ating  system  services  such  as 
Kerberos  and  the  DNS.  That  can 
create  a  lot  of  cost,  security  and 
support  issues  for  companies  that 
need  an  LDAP-based  directory 

In  contrast,  AD/AM  does  not 
have  to  sit  on  a  domain  con¬ 
troller,  and  multiple  copies  of  the 
directory  can  run  on  one  box  to 
service  multiple  applications. 
AD/AM  runs  as  an  independent 


service  on  a  network  as  opposed 
to  a  network  operating  system 
service  such  as  Active  Directory 

“Microsoft  coded  themselves  in¬ 
to  a  hole  and  now  they  have  got¬ 
ten  themselves  out,  but  we 
shouldn’t  get  overly  excited  be¬ 
cause  they  are  late  to  the  game,” 
Neuenschwander  says. 

Other  vendors  are  providing 
these  kinds  of  general-purpose 
LDAP  directories,  most  notably 
Novell  with  its  eDirectory  and 
Sun  with  Sun  One  Directory 
Server.  Neuenschwander  says 
AD/AM  should  put  the  most  pres¬ 
sure  on  Sun,  which  has  yet  to 
cement  its  multimaster  replica¬ 
tion  technology 

The  two  Microsoft  competitors 
have  each  used  their  LDAP-based 
directories  to  build  a  base  of 
more  than  a  billion  users,  accord¬ 
ing  to  Gartner. 

“Microsoft  is  looking  at  that  with 
its  little  70  million  or  so  users  and 
they  want  a  piece  of  that  action," 
says  John  Enck,  an  analyst  with 
Gartner.  “The  target  for  Microsoft 
is  that  LDAP  market.” 

Microsoft  plans  to  ship  AD/AM 
before  July,  according  to  Jack- 
son  Shaw,  technical  product 
manager  for  directory  services 
at  Microsoft. Shaw  says  Microsoft 
has  not  announced  pricing  but 
that  it  should  be  about  the  same 
as  its  Active  Directory  Internet 
Connector,  which  is  priced  at 
$2,000. 

AD/AM  will  run  on  Windows 
Server  2003,  which  ships  later 
this  month,  and  Windows  XP,  so 
developers  can  run  a  directory 
on  their  desktop  for  testing 
applications.  ■ 
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Security  start-up  to  block  Trojans 


■  BY  ELLEN  MESSMER 

AUSTIN,  TEXAS  —  Start-up 
WholeSecurity  debuts  this  week 
with  Web  server  software  de¬ 
signed  to  prevent  remote-access 
Trojans  or  eavesdropping  soft¬ 
ware  from  penetrating  networks 
during  e-commerce  or  employee 
interactions  over  the  Internet. 

The  company  says  its  Confi¬ 
dence  Online  helps  guard  against 
identity  theft  and  network  com¬ 
promise  by  detecting  and  block¬ 
ing  any  action  by  harmful  Trojans 
such  as  BackOrifice  and  Sub¬ 
seven,  as  well  as  legitimate  re- 
mote-administration  tools  such  as 
Symantec’s  PCAnywhere.The  goal 
is  to  prevent  any  potential  entry¬ 
way  from  desktops  into  corporate 
networks  during  interaction  over 
the  Web, says  Tony  Alagna,  founder 
of  WholeSecurity 

Before  founding  WholeSecurity 
in  2000,  Alagna  was  a  consultant 
at  the  Information  Security  Pene¬ 
tration  Institute  in  Annapolis,  Md., 
and  conducted  vulnerability  as¬ 
sessments  on  government  net- 
works.The  32-employee  company 
has  received  $8.5  million  in  fund¬ 
ing  from  Venrock  Associates  and 
New  Enterprise  Associates. 

Confidence  Online  scans  and 
blocks  after  it’s  automatically 
downloaded  from  the  Web  serv¬ 
er  to  a  Microsoft  or  Netscape 
browser  of  an  employee  or 
e-commerce  partner.  The  block¬ 
ing  continues  until  the  Web  ses¬ 
sion  is  over.  The  software  can  be 
configured  to  delete  desktop 
code,  but  WholeSecurity  does 
not  recommend  that  in  most 
circumstances. 

The  software  has  been  beta-test¬ 
ed  at  Deutsche  Bank  and  the 
Lower  Colorado  River  Authority 
(LCRA)  in  Texas. 

“We’re  using  it  to  weed  out  Tro¬ 
jans  and  spyware  like  Gator’’ says 
Michael  Allgeier,  LCRA  data  secu¬ 
rity  officer.  Confidence  Online 
works  like  a  “background  check” 
on  computers  before  they  are 
allowed  into  the  LCRA  network, 
he  says. 

But  the  software  might  elicit 
controversy  because  it  scans  in¬ 
side  laptops,  an  action  some  see 
as  a  violation  of  privacy 

“Yes.it  is  controversial,” acknowl¬ 
edges  Scott  Olson,  WholeSecur- 
ity’s  vice  president  of  marketing. 
But  the  company  thinks  most 
people  will  conclude  that  the 
benefits  of  preventing  fraud  and 
network  compromise  outweigh 


the  desktop-privacy  arguments. 

Confidence  Online  costs  about 
$30  per  user  for  employees  and 
per-case  pricing  for  e-commerce 
applications. 

In  other  security  news,  Waveset 
and  Entrust  are  partnering  on  En¬ 
trust  Secure  Identity  Manage¬ 
ment,  which  combines  Waveset’s 
identity-management  product, 
Lighthouse,  with  Entrust’s  access- 
control  software,  getAccess.  Avail¬ 
able  for  Windows  and  Unix,  it’s 
expected  to  ship  in  June  at  a  cost 
of  about  $200,000.  Waveset’s  next 
version  of  Lighthouse,  Version  4, 
will  ship  later  this  year.  It  will  also 
include  the  Entrust  public-key 
infrastructure  technology  to  auto¬ 
mate  signing  and  timestamping 
of  management  transactions  and 
audit  logs.B 


Network  Associates  buys  two  start-ups 


Iaking  good  on  a  recent  pledge  to  expand 
into  new  segments  of  the  security  indus¬ 
try,  Network  Associates  last  week  bought 
its  way  into  the  emerging  intrusion-prevention 
system  (IPS)  market  by  agreeing  to  acquire  two 
start-ups  for  a  combined  $220  million. 

The  company  is  purchasing  privately  held 
IntruVert  Networks,  a  maker  of  network-based 
IPS  products,  for  $100  million  and  Entercept 
Security  Technologies,  a  vendor  of  host-based 
IPS  offerings,  for  $120  million.  IPS  products  are 
designed  to  block  attacks,  not  just  detect  them 
as  do  intrusion-detection  systems  (IDS). 

The  IntruVert  deal  signals  a  break  in  the 
strategic  relationship  between  Network 
Associates  and  IDS  vendor  Internet  Security 


Systems  (ISS).  Last  May,  Network  Associates 
licensed  ISS  technology  with  the  intent  of  incor¬ 
porating  it  into  its  own  high-speed  protocol- 
analysis  product,  Sniffer,  by  mid-2003.  Last 
month,  Network  Associates  executives  acknowl¬ 
edged  they  were  looking  at  other  options. 

Rival  Symantec  also  has  also  entered  the  IPS 
market  via  the  acquisition  route.  It  bought 
Recourse  Technologies,  a  maker  of  network- 
based  IPS  products,  for  $135  million  last  year. 

Network  Associates  has  gone  through  acquisi¬ 
tive  periods  before,  such  as  in  1998  when  it 
bought  10  companies.  The  company  is  off  to  a 
fast  start  this  year:  Aside  from  buying  the  two 
companies  last  week,  it  bagged  antispam  start¬ 
up  DeerSoft  in  January  for  an  undisclosed  sum. 


Box  speeds  SSL  traffic,  balances  loads 


■  BY  JENNIFER  MEARS 

Managed  security  firm  Guardent  was  look¬ 
ing  for  ways  to  beef  up  its  services  infrastruc¬ 
ture,  but  wanted  to  do  it  without  complicating 
its  data  center  architecture. 

After  looking  at  load  balancers  and  Secure 
Sockets  Layer  (SSL  )  devices,  Guardent  tested 
a  switch  from  start-up  Nauticus  Networks  that 
combines  traditional  Layer  2  to  Layer  3  switch¬ 
ing  with  application-layer  switching,  and  secu¬ 
rity  features  such  as  SSL  acceleration. 

Nauticus  says  its  N2000  and  N2000V  intelli¬ 
gent  switches  will  help  customers  reduce 
costs  and  improve  data  center  performance. 

The  ability  to  combine  functions  in  one 
device  was  something  Bob  Antia,  vice  presi¬ 
dent  of  quality  and  risk  at  Guardent  in 
Waltham,  Mass.,  was  especially  interested  in. 

“Combining  [load  balancing  and  SSL  accel¬ 


eration]  in  one  box  makes  it  easier  to  main¬ 
tain  and  easier  to  operate,”  he  says.“And  fewer 
components  mean  more  reliability’ 

Antia  says  he’s  been  impressed  with  the 
N2000,  which  has  run  highly  secure  applica¬ 
tions  without  taking  a  hit  on  performance. 
Because  of  security  issues,  Antia  wouldn’t 
specify  how  the  switch  is  being  used. 

Competing  products  from  companies  such 
as  Radware  and  F5  Networks,  which  offer  load 
balancing  and  SSL  acceleration  in  a  single 
device,  “don’t  have  the  throughput  that  the 
Nauticus  box  has,”  he  says. 

The  switches  run  on  Nauticus’  TideRunner 
chipset,  built  specifically  to  handle  load  bal¬ 
ancing,  SSL  acceleration  and  virtualization, 
meaning  the  physical  switch  can  be  parti¬ 
tioned  into  multiple  virtual  switches.  The 
switches  sit  behind  a  data  center  router 
and/or  alongside  existing  firewalls. 


Sharing  the  load 


Nauticus’  virtual  switching  technology  lets  customers  add  network  and 
security  services  to  multiple  data  center  servers,  enabling  resources  to 
be  shared  across  the  data  center. 
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Nauticus  switch 


O  A  user  logs  on  to  a  Web-based 
application,  PeopleSoft,  for  example. 
SSL  traffic  is  sent  through  the  data 
center  router  and  firewall.  The 
traffic  enters  the  Nauticus  switch, 
which  decrypts  and  inspects  the 
data  and  directs  it  to  the  most 
available  Web  server. 


©  To  continue  the  transaction,  the 
Web  server  seeks  an  application 
server  by  routing  traffic  back 
to  the  Nauticus  switch,  which 
inspects  the  traffic  for 
application  security  and  directs 
the  traffic  to  the  most  available 
application  server. 


©  The  application  server  might  then 
require  information  from  the 
database  server.  If  so  the  switch 
inspects  requests  from  the 
application  server  and  applies 
security  checks  and  business 
rules  as  it  directs  traffic  to  the 
most  available  database  servers. 


Because  all  the  processing  is  done  in  hard¬ 
ware,  the  switches  can  do  application-level 
switching  and  packet  inspection  without  tak¬ 
ing  a  hit  on  performance,  the  company  says. 

“We  have  the  ability  to  really  secure  your  site 
without  any  loss  of  performance,  which  has 
been  the  bane  of  people  using  SSL.  It’s  very 
costly  and  very  difficult  to  run.  We  solved 
many  of  those  problems,” says  Josh  Weiss,  pres¬ 
ident  and  CEO  of  Nauticus. 

Zeus  Kerravala,  an  analyst  at  The  Yankee 
Group,  says  the  concept  behind  the  Nauticus 
switches  is  sound,  especially  for  companies  in 
the  healthcare  and  financial  industries,  where 
secure  applications  are  widely  used.  But  he 
questions  whether  they  will  have  widespread 
appeal,  especially  with  technology  spending 
at  a  minimum  these  days.  As  for  their  virtual¬ 
ization  capabilities,  Kerravala  suspects  users 
might  not  yet  be  ready  for  such  a  drastic 
change  in  their  data  centers. 

With  the  N2000Y  companies  can 
create  virtual  switches  within  one 
physical  device.  Each  switch  can 
have  its  own  bandwidth,  policies 
and  management,  and  can  be 
used  to  direct  traffic  to  the  most 
available  server  in  a  data  center. 
Without  virtual  switches,  compa¬ 
nies  would  have  to  use  separate 
load  balancers  or  hardwire  their 
architectures. 

The  N2000  and  the  N2000V 
come  with  two  LAN  configura¬ 
tions:  40  10/100M  bit/sec  ports 
plus  four  Gigabit  Ethernet  ports  or 
with  just  12  Gigabit  Ethernet  ports. 
The  N2000V  includes  virtualiza¬ 
tion  capabilities.  Pricing  starts  at 
$25,000  for  the  N2000  and  $35,000 
for  the  N2000VB 
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SIP-based  convergence 


Siemens'  SIP-based  OpenScape  software,  based  on  Microsoft's 
Greenwich  RTC  server  and  Active  Directory,  gives  end  users  a  portal 
for  tying  together  communications  technologies: 
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Buddy  list  indicates 
whether  colleagues 
are  available  via 
e-mail,  chat,  voice  or 
video,  and  supports 
click  to  dial  and  click 
to  conference. 
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When  users  detail  their  status  (for  example,  in  the  office,  working 
remotely,  unavailable)  and  their  preferred  phone  number  (desk,  cell, 
remote  office,  home),  that  information  becomes  available  to  colleagues. 
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Collaboration  groups  can  be  specified  in 
advance  and  sessions  initiated  with  one  click. 
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who  is  available  via  what  media. 

The  XP-based  portal  includes  click-to- 
contact  features,  letting  phone  or  video 
calls,  chat  sessions  or  e-mails  be  placed  by 
clicking  on  names  in  a  Microsoft  Active 
Directory-based  listing. Conferences  can  be 
established  by  clicking  on  multiple  names. 
OpenScape  has  integrated  support  for 
WebEx’s  Internet-based  whiteboard  and 
document  sharing  service. 

At  the  heart  of  the  suite  is 
unified  messaging  middle¬ 
ware  that  runs  on  Microsoft’s 
soon  to  be  released  Green¬ 
wich  Real  Time  Communi¬ 
cations  (RTC)  server  above 
Windows  2003  Server.  An  inte¬ 
grated  SIP  gateway  makes  it 
possible  to  interface  Open¬ 
Scape  to  IP  and  traditional  telephony  sys¬ 
tems  from  Siemens  and  other  vendors, 
even  if  they  are  not  SIP-based,  says  Mark 
Straton,  senior  vice  president  of  global 
marketing  at  Siemens  Information  and 
Communication  Networks. 

OpenScape  is  in  alpha  testing  now,  with  a 
beta-test  version  due  next  month.  It  will  be 
generally  available  in  the  third  quarter  for 
about  $250  per  seat. 

With  the  release  of  OpenScape, “Siemens 
is  trying  to  recraft  itself  into  more  of  a  soft¬ 
ware  company  as  opposed  to  a  traditional 
PBX  maker)’ says  Brian  Riggs,  a  senior  ana¬ 
lyst  at  Current  Analysis. 

This  approach  is  a  trend  among  other 
PBX  vendors,  such  as  Avaya,  Nortel  and 
Alcatel,  he  says,  as  they  position  them¬ 
selves  to  compete  with  Cisco,  whose  strat¬ 
egy  relies  entirely  on  IP  and  convergence 
applications. 

Basing  OpenScape  on  SIP  was  a  good 
move  by  Siemens,  Riggs  says,  but  it  raises 
the  question  of  when,  or  if,  the  company 
will  fully  integrate  the  protocol  into  its 
HiPath  IP  PBX  line,  which  uses  a  mix  of 
proprietary  protocols  and  H.323  for  call 
control. 

He  adds  that  OpenScape  is  a  good  start, 
because  it  separates  Siemens  from  its 
rivals,  who  have  been  slow  to  release  SIP- 
based  gear:“Implementing  SIP  halfway  is 
more  than  what  a  lot  of  other  vendors 
have  done.” 

Although  Microsoft  wasn’t  talking  appli¬ 
cations,  it  did  showcase  development  tools 
for  the  forthcoming  Windows  CE  .Net  4.2 
that  will  let  manufacturers  integrate  voice 
support  into  IP-based  clients. 

Ultimately  Windows  CE-based  IP  phones 
and  other  devices  might  be  able  to  place 
calls  over  wireless  LANs, according  to  Scott 
Horn,  director  of  the  Embedded  and 
Appliance  Platforms  Croup  at  Microsoft. 

Microsoft  will  provide  in  Win  CE  4.2  a 
telephony  usei  interface  that  can  be  used 
to  build  features  such  as  custom  telephony 
application  interfaces. 

The  software  also  includes  a  VoIP 
Application  Interface  Layer,  an  application 
suite  and  a  set  of  APIs  that  support  SIPThis 


will  allow  devices  based  on  Win  CE  4.2  to 
serve  as  clients  to  Microsoft’s  Greenwich 
RTC  server. 

The  Win  CE  4.2  software,  which  is  sched¬ 
uled  to  ship  this  summer,  also  will  include 
Enterprise  Infrastructure  Integration  ser¬ 
vices  intended  to  simplify  the  integration  of 
computer  telephony  software  and  enter¬ 
prise  applications. 

Microsoft  hopes  Win  CE  4.2  will  foster  the 
integration  of  data  and  voice,  and  provide 
capabilities  such  as  managing  voice  mail 
and  e-mail  from  a  single  device  or  creating 
voice-driven  interfaces  to  back-end  ser¬ 
vices  such  as  databases. 

This  recent  movement  to  integrate  SIP 
support  in  applications  is  a  positive 
development,  Mark  Katsouros,  communi¬ 
cations  automation  engineer  at  the 
University  of  Maryland  in  College  Park, 
said  after  the  show. 

“SIP  seems  to  be  the  most  efficient  way  of 
implementing  VoIP”  Katsouros  said.“It  has  a 
lot  of  advantages  over  proprietary  proto¬ 
cols”  and  older  VoIP  standards,  promising 
improved  interoperability  and  capabilities 
that  extend  to  other  types  of  messaging 
beyond  voice. 

“As  the  technology  develops,  you’ll  see 
[VoIP]  creeping  out  more  to  the  edge  in 
the  form  of  IP  phones  and  applications  on 
desktops,"  he  adds. 

Other  announcements  at  the  show  relat¬ 
ing  to  SIP  and  VoIP  technology  included: 

•  A  SIP-based  multipoint  control  unit 
from  Rad  Vision  —  the  VialP  MCU  —  for 
controlling  videoconferencing  sessions 
among  SIP-based  Windows  Messenger 
clients. 

•  Fblycom’s  SIP-based  SoundStation  IP 
telephone,  with  support  for  multiple  lines, 
and  enhanced  sound  quality  through 
embedded  quality-of-service  mechanisms. 

•  Citel’s  CitelLink  IP  Handset  Gateway, 
which  could  be  used  to  let  digital  Nortel 


phone  handsets  receive  SIP-based  IP-based 
IP  Centrex  services  from  carriers.The  prod¬ 
uct  was  announced  with  support  from 
softswitch  maker  Sylantro  Systems. 

SIP,  today  and  tomorrow 

One  expert  speaking  at  VON  said  the 
increase  of  SIP  applications  is  a  good  start 
but  we’ve  only  scratched  the  surface. 

In  a  VON  keynote  presentation,  Henning 
Schulzrinne, associate  professor  of  comput¬ 
er  science  and  electrical  engineering  at 
Columbia  University  and  co-author  of  the 
IETF  RFC  outlining  SIP  said  SIP’s  contribu¬ 
tion  would  be  its  ubiquity  It  will  be  inte¬ 
grated  into  all  kinds  of  software  and 
become  as  much  a  part  of  enterprise  appli¬ 
cations  as  TCP/IP  “If  you  are  waiting  for  a 
killer  app  for  SiPyou  will  be  waiting  until 
you  are  dead.” 

Most  interpretations  of  SIP  are  too  tele¬ 
phony-centric,  Schulzrinne  said.  It’s  possi¬ 
ble,  for  example,  to  add  SIP-based  real¬ 
time  communications  and  voice  features 
to  Web  browsers  or  build  in  presence  or 
chat  interfaces  to  ERP  applications. 

Adding  such  services  to  network  applica¬ 
tions  will  become  easier  as  SIP  adoption 
progresses.  “We  need  to  get  away  from  the 
notion  that  services  are  created  by  special¬ 
ists, "Schulzrinne  says.Tools  are  needed  that 
can  allow  SIP  services  and  applications  to 
be  deployed  on  a  model  similar  to  creating 
personal  home  pages. 

As  for  the  gains  SIP  has  already  made, 
Schulzrinne  said  the  development  of  low- 
cost  SIP  devices  —  such  as  phones  and  PC 
software  —  have  made  the  technology 
more  accessible.  “We  are  getting  to  the 
point  where  you  don’t  have  to  put  on  desk¬ 
tops  a  PC-equivalent  device  —  in  terms  of 
cost  —  in  order  to  deploy  SIP." 

He  also  discussed  improvements  in  SIP 
voice  quality,  mentioning  tests  done  at 

See  Apps,  page  15 
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15  independent  software  vendors.  Tivoli 
executives  say  third-party  vendors  such  as 
SAP  can  potentially  integrate  the  auto¬ 
nomic  engine  into  their  products  and  sell 
it  directly  to  corporate  users.  And  network 
managers  can  buy  it  as  a  stand-alone 
product  and  tailor  the  software  to  their 
networks. 

Tivoli  competitors  BMC,  Computer  Asso¬ 
ciates  and  HP  are  expected  to  announce 
similar  product  road  maps  soon:  BMC  this 
week,  the  others  at  their  user  conferences 
this  summer. 

BMC's  plan 

Fresh  off  its  $42  million  acquisition  of  IT 
Masters,  BMC  this  week  will  lay  out  its  strat¬ 
egy  for  Business  Service  Management.  The 
company,  which  last  year  acquired 
Remedy  a  service  and  help  desk  software 
vendor,  says  with  IT  Masters’  MasterCell 
software  it  can  now  offer  enterprise  net¬ 
work  managers  integrated  service  manage 
ment.  MasterCell  correlates  events  and 
model  service  performance,  which  will 
complement  BMC’s  Patrol  application  and 
systems  management  portfolio. 

BMC  says  it  will  incorporate  technology 
across  its  software  lines  that  will  take  cues 
from  predefined  rules  and  detect  potential 
failures  in  devices  or  applications.  The 
products  expected  to  first  include  the 
MasterCell,  Remedy  and  Patrol  integration 
would  be  help  desk,  storage,  data,  asset, 
event  and  change  management  software. 
The  company  says  linking  the  data  collect¬ 
ed  by  those  products  will  enable  the  soft¬ 
ware  to  dynamically  update  service-level 
agreements,  detect  when  SLAs  might  be 
missed  and  take  measures  to  prevent  that. 

BMC’s  acquisitions  will  add  to  the  com¬ 
pany’s  ability  to  track  and  graphically  dis¬ 
play  system  and  application  perfor¬ 
mance,  says  Rich  Ptak,  president  of  Ptak& 
Associates.  Ptak  says  BMC  clearly  is  focus¬ 
ing  its  efforts  on  service  management. 
The  company  last  month  eliminated  part 
of  its  storage  management  line  and  real¬ 
located  staff  to  its  service  management 
team.The  newly  honed  focus  will  let  BMC 
put  intelligence  into  its  products  that  im¬ 
proves  management  features  and  eases 
user  implementations. 

“Management  vendors  went  from  man¬ 
aging  devices  in  isolation  to  collecting  a  lot 
of  data  from  everything  without  linking  it 
in  a  meaningful  way  to  now  at  least  under¬ 
standing  what  customers  need  to  do,”  Ptak 
says.“It’s  a  slow  process,  but  they  are  evolv¬ 
ing  their  products  to  manage  the  infra¬ 
structure  based  on  the  business.” 

BMC  plans  to  deliver  products  based  on 
its  Business  Service  Management  strategy 
in  the  coming  months.* 
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Columbia  in  which  SIP-to-SIP  performance 
was  better  than  cell  phone-to-TDM  phone 
links  in  terms  of  milliseconds  of  delay 

Proprietary?  Not  me! 

While  the  promise  of  SIP  was  touted 
widely  at  VON,  the  practical  adoption  of 
standards-based  protocols  and  other  VoIP 
interoperability  issues  were  hotly  debated 
at  the  Network  World  IP  PBX  Showdown, 
where  leading  convergence  vendors  took 
shots  at  each  other. 

The  VON  Showdown  was  hosted  by 
Network  World  Editor-in-Chief  John  Dix 
and  Mike  Hommer,  consulting  manager 
for  Miercom,  and  included  representa¬ 
tives  from  Alcatel,  Avaya,  Cisco,  Mitel  and 
Nortel  (read  more  about  the  Showdown, 
page  40). 

As  panelists  took  turns  grilling  each 
other  over  their  IP  PBX  products  and 
strategies,  the  issue  of  open  protocols  — 
who  was  using  SIP  and  how  much,  and 
the  use  of  proprietary  technology  — 
came  up  frequently.  And  Cisco  took  the 
brunt  of  the  heat. 

Jeanne  Bayerl,  director  of  product  market 
for  Alcatel,  brought  up  Ciscos  use  of  the 
proprietary  Skinny  Call  Control  Protocol 
(SCCP),and  asked  why  the  vendor  did  not 
embrace  open  standards  more. 

“Cisco  fully  supports  open  standards,” 
said  Bill  King, technical  marketing  manag¬ 
er  at  Cisco.  He  said  Cisco  phones  support 
H.323,  Media  Gateway  Control  Protocol 
and  SIP  and  said  the  company  supports 
SIP-based  gateways  and  proxy  servers, 
adding  “we’ve  shipped  more  SIP-based 
products  than  any  other  vendor  up  here.” 
He  also  said  Ciscos  SCCP  is  licensed  to 
partners  —  such  as  Polycom  and 
Spectralink  —  and  is  not  as  proprietary  as 
critics  make  it  out  to  be. 

Each  vendor  endorsed  SIP  as  a  strategy 
Alcatel  and  Mitel  said  their  IP  PBXs  could 
run  SIP  natively  while  Avaya,  Cisco  and 
Nortel  all  said  broader  SIP  support  for  their 
gear  was  in  the  works. 


Corrections 


■In  the  story  "Disk  saves  the  day," 

(March  24,  editorial  supplement,  page  8) 
Network  World  ms  supplied  with  incorrect 
information.  If  you  look  at  back-up  and 
restore  times  when  comparing  disk  and 
tape,  you  will  find  that  they  vary  greatly 
from  theoretical  figures  to  those  achieved 
in  real-world  situations.  The  story  has  been 
corrected  online  to  accurately  reflect  what 
users  will  see  in  their  environments 
(www.nwfusion.com,  DocFinder:  5042). 

■  The  story  "Nortel,  Vernier  pitch  new 
wireless  LAN  product,"  (March  31,  page  13) 
should  have  stated  that  the  AM  6500p  and 
IS  6500p  are  expandable  to  12  ports.  Also, 
the  pricing  for  the  Nortel  Access  Point  2220 
should  have  been  listed  as  S900. 


Avaya  and  Mitel  brought  up  the  closed 
protocol.  Mack  Leathurby,  Avaya’s  director 
of  converged  system  and  unified  commu¬ 
nication  applications,  mentioned  Ciscos 
use  of  its  proprietary  Cisco  Discovery 
Protocol  as  an  integral  management  func¬ 
tion, such  as  an  initializing  inline  power,  for 
its  CallManager  IP  telephony  system. 


“All  vendors  use  some  proprietary  proto¬ 
cols,”  Cisco’s  King  said,  adding  that  closed 
protocols  are  used  to  add  features  that 
standards  such  as  SIP  and  H.323  fall  short 
of.  And  firing  back  at  Avaya’s  Leathurby, 
King  added, “1  haven’t  seen  Avaya  working 
to  make  available  its  [Digital  Communi¬ 
cations  Protocol],”  which  Avaya  uses  in 


addition  to  H.323  for  adding  features  to  its 
IP  phones. 

—  Senior  Editor  John  Fontana  con¬ 
tributed  to  this  story. 

Get  more  information  online. 
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The  ZIP  4x4  integrates  the  functions  of  a  managed 
switch  with  a  business  phone,  and  adds  an  address 
book,  a  calculator,  and  a  speaker  phone. 

The  ZIP  4x4  is  100%  based  on  open  standards.  It  is 
compatible  with  any  IP  phone  system  using  SIP.  The 
phone  can  be  powered  from  an  ac  adapter  or  receive 
power  over  the  Ethernet  connection. 

All  Ethernet  ports  can  switch  traffic  at  wire  speed. 
Therefore,  only  a  single  circuit  needs  to  be  taken  to  the 
desktop,  to  provide  both  voice  and  data 
communications. 

The  phone  has  multiple  buttons,  multiple  LEDs,  and 
an  LCD  that  tilts.  End  users  can  access  all  standard 
features  without  plowing  through  menus  or  a 
frustrating  quagmire  of  soft  keys. 

To  learn  how  the  ZIP 4x4  can  be  rapidly  deployed, 
simplify  your  desktop,  and  enhance  productivity,  call 
us  or  access  our  web  site. 
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Competition  forces 
HP  to  slash  prices 


■  BY  JENNIFER  MEARS 

PALO  ALTO  —  In  an  effort  to 
improve  its  position  in  the  mid¬ 
range  Unix  server  market,  HP  is 
cutting  prices  on  its  core  offer¬ 
ings  by  about  20%,  rolling  out  en¬ 
hanced  customization  options 
and  expanding  its  server  capac- 
ity-on-demand  program. 

HP  last  Thursday  announced 
price  reductions  for  its  HP  9000 
midrange  Unix  servers,  which 
includes  the  16-processor  rp8400 
and  the  eight-processor  rp7410 
and  rp7405.  HP  also  reduced 
prices  on  components  such  as 
CPU  and  memory  as  well  as  sup¬ 
port  by  as  much  as  25%. 

The  company  also  is  expand¬ 
ing  customization  options  for 
customers  and  is  taking  its  on- 
demand  services  a  step  further 
by  offering  cell  boards  and 
memory  on  an  as-needed  basis. 
Cell  boards  are  what  the  mem¬ 
ory  and  processors  plug  into 
and  can  hold  up  to  four  pro¬ 
cessors  and  16G  bytes  of  mem¬ 
ory.  In  the  past,  customers  had 
to  pay  for  cell  boards  and  mem¬ 
ory  that  supported  all  the 
processors  in  the  box,  even  if 
some  of  those  processors  were 
idle  standbys. 

Downward  pressure 

Dimitris  Dovas,  worldwide  mar¬ 
keting  manager  for  midrange 
Unix  servers  in  HP’s  Business 
Critical  Systems  unit,  says  the 
moves  are  in  response  to  in¬ 
creased  competition  in  the  mid¬ 
range  Unix  market. 

IBM  and  Sun  also  reduced  serv¬ 
er  prices  earlier  this  year.  HP  holds 


the  No.  1  spot  with  about  40%  of 
the  $1.9  billion  market,  according 
to  IDC.  IBM  is  second  with  35%  of 
the  market,  and  Sun  ranks  third 
with  14%. 

“There  has  been  a  lot  of  intense 
price  competition  in  the  mid¬ 
range,  and  average  sale  prices 
have  fallen,”  says  Jean  Bozman, 
research  vice  president  at  IDC. 

“With  the  major  vendors  com¬ 
peting  so  intensely  with  each 
other  and  with  the  average 
price  dropping  in  the  midrange 
server  space,  customers  are 
benefiting  because  they’re  get¬ 
ting  a  lot  of  value  for  lower 
prices,”  Bozman  adds. 

HP  is  working  to  reduce  cus¬ 
tomers’  total  cost  of  ownership, 
and  one  way  of  doing  that  is  to  let 
customers  pay  only  for  what  they 
use,  Dovas  says.  HP  IBM  and  Sun 
all  offer  some  type  of  on-demand 
services. 

As-needed  services 

With  last  week’s  announce¬ 
ment,  HP  has  extended  beyond 
only  offering  CPU  processing 
power  as  needed  to  offering 
memory  and  cell  board  capabil¬ 
ities  on-demand.  That  means 
that  customers  can  get  servers 
with  idle  memory  and  idle  cell 
boards  and  activate  them  as 
needed  to  meet  spikes  in  work¬ 
load,  he  says. 

Customers  pay  a  fee  upfront 
and  then  pay  for  the  hardware  as 
it  is  activated,  Dovas  says. 

HP  also  is  taking  advantage  of 
increased  supply-chain  efficien¬ 
cies  in  its  factories  to  offer  more 
customization  options  without 
additional  charge,  Dovas  says.  ■ 


Falling  prices 


HP  is  dropping  prices  on  its  midrange  Unix  server  line. 
Decrease  Model 


20°, 
20 
10% 

10% 


.  rp7410  with  eight  750-MHz  CPUs  and  32G  bytes  of  memory. 

70  From  $291,910  to  $233,510. 

_  rp8400  with  16  750-MHz  CPUs  and  64G  bytes  of  memory. 

%  From  $578,600  to  $465,800. 

rp7410  with  eight  875-MHz  CPUs  and  32G  bytes  of  memory. 

From  $339,910  to  $305,510. 

rp8400  16  875-MHz  CPUs  and  64G  bytes  of  memory. 

From  $674,600  to  $609,800. 

rp7405: 

8-way  configuration.  From  $132,595  to  $113,113. 

y  configuration.  From  $72,995  to  $62,933. 
2-way  configuration.  From  $43,595  to  $41,600. 
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Merrill 

continued  from  page  1 

deploying  Web  services  that  open  up  Merrill  Lynch 
systems  to  systems  outside  the  firewall,  Carey  said. 
Exposing  services  across  the  Internet  is  a  low  priori¬ 
ty  —  and  one  that  won’t  get  attention  until  more 
mature  security  and  management  features  are  avail¬ 
able,  he  said. 

In  the  meantime,  Web  services  is  one  way  Carey 
plans  to  glean  more  value  from  Merrill  Lynch’s  $4 
billion-a-year  technology  and  services  budget, 
which  consumes  about  25%  of  the  firm’s  total  ex¬ 
penses.  “We’ve  been  spending  $4  billion  a  year  for 
years.  We’ve  got  to  get  more  out  of  it,”  Carey  said. 


Why  UDDI? 


Merrill  Lynch  Chief  Technology  Architect  Rick  Carey’s 
reasons  for  investing  in  a  Universal  Description, 
Discovery  and  Integration  registry: 

To  drive  Web  services  adoption  by  allowing  developers  to  find 
and  reuse  existing  services. 

To  provide  developers  with  information  on  how  to  integrate  Web 
services  with  business  processes. 

To  allow  business  partners  to  easily  find  and  work  with  Web  services. 

•  To  create  a  central  repository  of  all  products  and  services 
available  inside  the  firm. 

To  make  applications  more  reliable  by  allowing  Web  services 
consumers  to  automatically  discover  application  changes. 


Merrill  Lynch  wants  to  get  away  from  its  applica¬ 
tion-centric  history  of  proprietary  interfaces,  islands 
of  automation  and  costly  integration  middleware. 
The  firm  has  23,000  legacy  mainframe  applications 
in  production  —  a  “ridiculous”  number,  Carey  said. 
Eighty  percent  of  Merrill  Lynch’s  business  touches 
the  mainframe,  Carey  said. 

With  its  current  setup,  90  cents  of  each  develop¬ 
ment  dollar  was  spent  resolving  infrastructure 
issues,  leaving  only  10  cents  for  building  new  busi¬ 
ness  functions. 

Carey  would  like  to  see  that  ratio  upended.  The 
firm  is  working  to  get  to  a  service-centric  model  that 
takes  advantage  of  Web  services  tools,  its  untapped 
assets  and  standards-based  connections. 

For  starters,  developers  at  the  firm  created  an  appli¬ 
cation  called  XML  for  Merrill  Lynch  (X4ML)  that 
exposes  mainframe  transactions  —  from  Merrill 
Lynch’s  credit-card  processing,  corporate  Web  site 
and  trading  systems,  for  example  —  as  standard  Web 
services  interfaces.  The  COBOL-  and  Customer  In¬ 
formation  Control  System-based  application  lets 
CICS  programs  participate  in  Web  services  by 
accepting  Simple  Object  Application  Protocol  re¬ 
quests  from  the  Web,  converting  the  SOAP  requests 
into  formats  accepted  by  the  legacy  programs,  and 
then  converting  the  results  of  those  programs  into 
SOAP  responses. X4ML  runs  completely  within  CICS, 
requiring  no  middle-tier  hardware,  Carey  said. 

Regarding  its  untapped  assets,  Merrill  Lynch  is 
working  to  achieve  better  utilization  of  existing  re¬ 
sources.  The  firm  is  migrating  many  of  its  intranet 
sites  from  dedicated  Intel-based  servers  —  which 
typically  achieve  utilization  in  the  20%  range  —  to 
the  mainframe  running  Linux.  The  mainframe  con¬ 
sistently  logs  utilization  in  the  75%  range,  whereas 
Merrill  Lynch  was  “leaving  80%  on 
the  table"  with  its  distributed  data 
centers,  Carey  said. 


When  making  new  IT  purchases, the  firm  insists  on 
standards-based  technology  so  it  doesn’t  get  locked 
in  with  one  vendor.  Carey  makes  it  clear  to  vendors 
that  “the  moment  you’re  not  the  best,  we’re  going  to 
swap  you  out,”  he  said. 

Carey  wouldn’t  disclose  how  much  Merrill  Lynch 
has  spent  on  its  Web  services  initiatives,  but  he  said 
the  new  technology  has  reduced  integration  project 
timelines  from  years  to  months.  Developer  produc¬ 
tivity  is  on  the  rise.  Carey  is  starting  to  see  more  of 
every  development  dollar  go  toward  building  busi¬ 
ness  features  —  as  much  as  35  cents  as  opposed  to 
the  10  cents  allocated  historically 
The  number  of  CICS  applications  in  production  at 
Merrill  Lynch  is  no  longer  increasing,  and  Carey  ex¬ 
pects  it  to  begin  declining  as  the 
firm  develops  more  Web  services 
interfaces.  Ultimately  maintaining 
as  few  as  8,000  or  10,000  CICS  ap- 
ps  seems  like  a  reasonable  target, 
he  said. 

The  firm  is  cautiously  enthus¬ 
iastic  about  Web  services,  Carey 
said. That  the  two  biggest  vendors 
—  IBM  and  Microsoft  —  are  so 
committed  to  Web  services  gives 
the  firm  confidence  to  pursue 
Web  services  development.  The 
vendors’  alternately  cooperative 
and  competitive  relationship  is 
advantageous  to  technology  buy¬ 
ers.  “I  love  the  relationship  be¬ 
tween  IBM  and  Microsoft,”  he  said. 
“1  love  that  they  cooperate  at  these 
meetings  and  then  the  minute  they  separate  from 
these  meeting  they’re  just  back-stabbing  each  other 
to  death.” 

To  Carey,  the  two  most  promising  benefits  of  Web 
services  are  development  language  independence 
and  transport  independence.  He  doesn’t  want  to 
have  to  choose  between  Java2  Platform  Enterprise 
Edition  and  .Net,  for  example.“I  don’t  believe  in  one 
set  of  tools  for  all  jobs,”  he  said. 

However  with  regard  to  transport  independence, 
there’s  potential  but  little  progress,  Carey  said.  The 
ubiquitous  nature  of  TCP/IP  and  interoperable  mes¬ 
saging  capabilities  are  important.  But  he’d  like  to  see 
support  for  messaging  beyond  HTTP  For  example, 
he’d  like  to  be  able  to  use  something  more  reliable, 
such  as  IBM’s  WebSphere  MQ  messaging  platform. 

Also  missing  from  the  Web  services  picture  are 
mature  security  features  and  quality  of  service. 
“We’re  kind  of  forgiving  of  that  today’ Carey  said.“We 
won’t  be  forgiving  of  that  fairly  soon.” 

Until  security  improves,  Merrill  Lynch  remains  sel¬ 
ective  about  which  CICS  programs  it  will  expose  as 
Web  services.  “As  an  architect,  I  won’t  let  key  infor¬ 
mation  be  exposed,”  he  said. 

Carey’s  advice  to  his  peers  is  to  focus  on  building 
key  centralized  services  —  such  as  a  directory  of 
available  Web  services  based  on  Universal  Descrip¬ 
tion,  Discovery  and  Integration  (UDDI)  standards  — 
before  diving  into  individual  development  projects. 

A  solid  UDDI  foundation  drives  Web  services  adop¬ 
tion  and  increases  developer  productivity  by  allow¬ 
ing  developers  to  find  and  reuse  Web  services  imple¬ 
mentations,  he  said.  It’s  as  key  to  a  healthy  Web  ser¬ 
vices  infrastructure  as  a  stable  DNS  system  is  to  net¬ 
work  operations,  he  said. 

In  hindsight,  Carey  wishes  he  had  focused  on 

Get  more  information  online.  UDDI  earlier  “lf  y°u  let  mn 
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■  TCP/IP,  LAN/WAN  SWITCHES 

■  ROUTERS  ■  HUBS 

■  ACCESS  DEVICES  ■  CLIENTS 

■  SERVERS  ■  OPERATING  SYSTEMS 

■  VPNS  ■  NETWORKED  STORAGE 


Getting  Gigabit  to  desktops 

Standard,  proprietary  technologies  on  the  way  to  speed  PC  buses. 


■  IP-storage  start-up  Intransa  rolled 
out  its  first  product  last  week  —  a 
storage  array  that  uses  Advanced 
Technology  Attachment  drives  and 
attaches  to  the  Gigabit  Ethernet  net¬ 
work.  The  IP5000  Storage  System 
uses  the  iSCSI  protocol  to  transfer 
block-oriented  storage  data  over  the 
Ethernet  network.  It  has  3  to  10  tera¬ 
bytes  of  capacity  and  is  composed  of 
individual  storage  and  disk  enclosures 
that  connect  through  a  Layer  2  Gigabit 
Ethernet  switch,  ensuring  perfor¬ 
mance  and  capacity  increases  with¬ 
out  disrupting  applications. The  stor¬ 
age  array  ships  with  a  Windows-based 
graphical  management  interface  that 
lets  storage  administrators  monitor 
and  administer  the  device.  The  man¬ 
agement  software  gives  the  adminis¬ 
trator  the  ability  to  change  volume 
size,  mirror  volumes  or  add  or  delete 
them.  A  command-line  interface  also 
is  available.  The  IP5000  is  expected  to 
ship  in  June  for  $62,500  for  a  3.2  tera¬ 
byte  system. 

■  Newly  designed  Compaq  Pres- 
ario  notebook  and  desktops  will  pro¬ 
vide  integrated  wireless  LAN  technol¬ 
ogy  for  the  802.1 1g  standard,  HP  said 
last  week.  The  new  Compaq  Presario 
2500  and  2100  series  notebooks  are 
designed  to  work  with  wireless  net¬ 
works  based  on  the  draft  specifica¬ 
tion  of  the  802.1 1g  standard,  HP  said. 
The  integration  of  802.1 1g  technology 
makes  the  new  Presarios  better  suit¬ 
ed  for  sharing  files  and  viewing  digital 
media.  Like  Wi-Fi  devices  that  use  the 
802.11b  standard,  802.1 1g  wireless 
devices  operate  in  the  2.4-GHz  band. 
However,  802.1 1g  devices  support 
faster  data  transfer  rates  than  those 
using  802.11b:  54M  bit/sec  vs.  11M 
bit/sec.  The  Presario  2500  is  being 
sold  for  $1,200  with  a  $100  rebate  and 
comes  with  Intel  Pentium  4  proces¬ 
sors,  ATI  Mobility  Radeon  integrated 
graphics  card  and  IEEE-1394  high¬ 
speed  digital  video  port.  The  2100 
series  costs  $920  with  a  $100  rebate 
and  comes  with  a  Intel  Celeron  and 
Mobile  Pentium  4-m  processors, 
memory  configurations  up  to  1G  byte 
and  aType  l/ll/lll  PC  card  slot. 


■  BY  PHIL  HOCHMUTH 

Dramatic  price  drops  on  copper  Gigabit 
Ethernet  network  interface  cards  and 
switch  ports  have  caused  many  network 
professionals  to  take  no¬ 
tice.  But  because  many 
PCI-based  desktop  ma¬ 
chines  were  not  built  for 
Gigabit-speed  LANs, 
those  users  serious 
about  migrating  to  high¬ 
speed  PCs  might  have 
to  upgrade  more  than 
NICs  and  wiring  closet 
switches,  some  say 

“There  are  many  efforts  to  get  Gigabit 
Ethernet  into  the  client  area,  and  it  will 
probably  soon  be  a  check-box  item  for 
enterprise  IT  staffs,”  says  Tony  Pierce,  chair¬ 
man  of  the  PCI  Special  Interest  Group  (PCI- 
SIG),  a  standards  development  group 
responsible  for  the  PCI  technology  design. 


■  BY  TIM  GREENE 

SANTA  CLARA  —  Fortinet  this  week  is 
introducing  a  management  appliance  that 
claims  to  make  it  simpler  for  customers  to 
configure,  create  policies  for  and  adminis¬ 
ter  the  large  groups  of  the  company’s  multi¬ 
faceted  FortiGate  security  appliances. 

Called  FortiManager,  the  appliance  can 
manage  5,000  security  appliances,  which 
include  firewall,  VPN,  antivirus,  intrusion- 
detection,  content-filtering  and  traffic-shap¬ 
ing  software. 

The  FortiGate  security  appliances  moni¬ 
tor  traffic  at  the  junction  of  the  WAN  and 
LAN  where  they  enforce  policies  on  pack¬ 
ets.  Using  a  graphical  interface  on  the 
FortiManager  appliance,  users  can  set  poli¬ 
cies  for  any  security  applications  the 
device  supports. 

Each  FortiManager  can  be  accessed  by 
up  to  12  separate  Java-based  consoles  so 
multiple  administrators  can  use  the  box  at 
the  same  time.  The  device  also  can  be 
divided  into  different  management  do¬ 
mains,  with  each  domain  limited  to  a  sub¬ 
set  of  the  FortiGate  security  appliances 
being  managed.  This  lets  network  execu¬ 
tives  give  access  only  to  certain  adminis¬ 
trators,  for  example,  to  the  FortiGate  that 


Part  of  the  attraction  of  Gigabit  to  desk¬ 
tops  is  the  proliferation  of  inexpensive 
Gigabit  NICs,  with  many  available  for  less 
than  $100. Switch  vendors  also  are  pushing 
copper-Gigabit  desktop  links,  as  Cisco  last 
week  released  high-den- 
sity  10/1 00/ 1 000M  bit/ 
sec  switch  modules  for 
its  Catalyst  6500  switch, 
aimed  at  large  wiring 
closet  deployments.  PC 
vendors  such  as  Apple, 
Dell  and  HP  also  offer 
10/1 00/ 1 000M  bit/sec 
ports  integrated  into 
their  desktops. 

For  users  thinking  of  slapping  in  10/100/ 
lOOOBase-T  NICs  on  older  desktops,  Pierce 
warns  “you  will  get  better  performance  on 
those  systems,  but  not  at  the  level  that  you’d 
expect,  and  for  the  added  expense  you  will 
pay  for  upgrading  to  Gigabit.  A  lot  of  it 
depends  on  system  configuration.” 


guards  a  corporate  server  farm,  while  a 
larger  group  might  have  access  to  those 
FortiGates  at  remote  sites. 

Previously  customers  managed  FortiGate 
boxes  one  at  a  time  via  Secure  HTTP  Web 
interfaces.  “That’s  fine  if  you  have  a  few 
boxes,  but  that’s  not  fine  if  you  have  a  lot  of 


Fortinet's  FortiManager  appliance  can 
manage  up  to  5,000  other  devices. 


them,” says  Michel  Merle,  regional  manager 
for  PSINet-France,  which  beta-tested  the 
new  gear.  He  says  it  enables  setting  up 
restricted  access  for  users  that  want  author¬ 
ity  to  shape  traffic  so,  for  example,  video- 
conferences  have  enough  bandwidth,  but 
not  to  alter  firewall  settings. 

Merle  says  the  device  could  benefit  from 
a  tool  that  lets  users  create  policy  tem¬ 
plates  such  as  time-of-day  restrictions  for 
use  of  peer-to-peer  applications.  That 
would  make  it  even  simpler  to  configure 
large  numbers  of  FortiGate  appliances, 
he  says. 

The  common  management  platform  for 
the  multiple  functions  that  the  FortiGate 


The  issues  lie  with  the  PCI  shared  bus 
architecture,  which  has  a  total  bandwidth 
of  133M  byte/sec  between  peripheral  cards 
and  the  processor  and  memory 

“The  laws  of  physics  tell  you  that  you’re 
not  going  to  get  full-duplex  Gigabit  Ether¬ 
net  throughput,”  on  older  PCI  systems, 
Pierce  adds. 

He  says  newer  bus  architecture  technolo¬ 
gies  —  such  as  PCI-X  and  PCI  Express  — 
are  starting  to  catch  on  in  server  connec¬ 
tions  and  will  trickle  down  to  PCs. 

PCI  has  long  been  the  standard  bus  inter¬ 
face  for  connecting  devices  such  as  NICs, 
RAID  controllers,  modems  and  other  per¬ 
ipheral  cards  to  PCs  and  servers.  PCI-X  1.0 
was  introduced  in  2000  as  an  extension  of 
PC,  increasing  bus  speed  to  133  MHz.  PCI-X 
2.0  was  introduced  soon  after  PCI-X,  offer¬ 
ing  higher  bus  speeds,  from  266  MHz  to  533 
MHz.  Last  year,  the  PCI-X  1066  specification 
—  a  1066  MHz  bus  with  8G  byte/  sec  of 
See  Gigabit,  page  18 


boxes  support  can  reduce  the  amount  of 
training  IT  staffs  need  to  learn  manage¬ 
ment  platforms.  Using  the  multifunction 
boxes  also  cuts  the  setup  costs  vs.  buying 
separate  security  wares,  says  Eric  Ogren, 
an  analyst  with  The  Yankee  Group. 

Matthew  Kovar,  another  analyst  with  The 
Yankee  Group,  says  the  Fortinet  gear  falls 
into  a  category  of  equipment  he  calls  secu¬ 
rity  switches.  Competitors  include  Cross¬ 
beam,  Symantec  and  TippingFbint  Tech¬ 
nologies.  Such  equipment  performs  deep 
packet  inspection,  then  imposes  multiple 
policies  that  can  be  based  on  any  network 
layer.  So  the  device  can  perform  as  a  net- 
work-layer  firewall,  but  also  screen  for 
banned  content  at  Layer  7  based  on  an 
examination  of  a  packet. 

Fortinet  says  it  will  upgrade  FortiGate 
appliances  later  this  year  so  each  can  sup¬ 
port  multiple  virtual  systems,  meaning 
each  device  can  support  multiple  security 
policies  for  the  same  application.  For 
instance,  one  FortiGate  could  have  two  sets 
of  firewall  policies,  one  for  a  server  farm 
and  one  for  corporate  desktops. 

Pricing  for  FortiManager  starts  at  $12,000 
for  a  box  that  supports  25  FortiGate  units 
and  ranges  to  $53,000  for  one  that  supports 
1,000  units.  ■ 


Fortinet  uncorks  security  mgmt.  app 
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Once  again,  Brian  Valentine’s  mouth 
seems  to  have  started  running  away 
before  his  brain  could  engage  with 
ori-again,  off-again  pronouncements  about 
versions  of  Longhorn  and  Blackcomb,  the 
follow-ons  to  Windows  XP  and  Windows 
Server  2003,  respectively  Maybe  there’ll  be 
a  server  and  client  version  of  each.  Maybe 
there  won’t,  as  server  and  client  introduc¬ 
tions  are  staggered.  Maybe  there’ll  only  be 
incremental,  modular  operating  system  re¬ 
leases.  And  maybe,  just  maybe,  it  doesn’t 
matter  now.  But  the  senior  vice  president  of 
the  Windows  division  has  got  everyone 


Every  day  is  Valentine's  Day 


talking  about  the  Windows  operating  sys¬ 
tem,  hasn’t  he? 

I  first  came  across  young  Valentine  in  the 
late  1980s  when  he  was  a  brash  new  engi¬ 
neering  manager  in  Microsoft’s  networking 
area  (LANManager  at  the  time).  I  was  a  vol¬ 
unteer  system  operator  for  Novell’s  NetWire 
forum  on  CompuServe.  A  new  voice  had 
started  swooping  into  the  NetWire  forum 
and  promoting  this  new  network  operating 
system  from  Microsoft,  which,  of  course, 
fueled  the  wrath  of  the  NetWare  faithful. 

A  little  investigation  showed  that  the  mes¬ 
sages  were  originating  inside  Microsoft.  A 
little  further  investigation  (and  thanks  to 
some  friends  who  were  volunteers  in  the 
Microsoft  forums  on  CompuServe),  the 
identity  of  the  poster,  one  Brian  Valentine, 
was  exposed.  Did  he  slink  off  with  his  tail 
between  his  legs?  If  you  even  thought  that, 
then  you  don’t  know  him. 


Rather,  he  continued  to  laud  “his”  network 
operating  system  while,  all  the  time,  learn¬ 
ing  more  about  NetWare  than  anyone 
except  those  actually  working  for  Novell. 
The  culmination  of  all  this  was  a  planned 
appearance  by  Valentine  at  the  annual 
NetWire  pub  crawl  at  Dick’s  Last  Resort 
during  that  fall’s  NetWorld-Dallas  trade 
show.  There  were  a  few  hundred  people 
there  that  night,  partially  for  lead  system 
operator  John  McCann’s  bachelor  party, 
but  many  just  wanted  to  see  if  Valentine 
would  show  up.  Not  only  did  he  show  up, 
but  he  stole  the  show  with  his  gifts  of 
Microsoft  network  products  for  all  of  the 
NetWire  system  operators. 

he  next  time  you  think  Valentine’s  mouth 
is  getting  him  in  trouble,  take  another  look 
at  the  result. 

Kearns ,  a  former  network  administrator, 


is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@vquill.  com. 


Tip  of  the  Week 


I  won’t  be  joining  you  next 
week  in  Salt  Lake  City  for 
BrainShare.  For  the  first 

time  since  1987, 1  won’t  be 
on  hand  for  this  gathering  of 
the  NetWare  faithful.  But  it’s 
just  a  one  year  hiatus;  I’ll  be 
back  next  year.  Do  be  sure 
to  drop  me  a  note  telling  me 
all  about  your  impressions 
of  the  show. 


Gigabit 

continued  from  page  17 

bandwidth  —  was  launched.  PCI- 
X  1.0  and  2.0  are  used  mostly  in 
servers  and  some  desktops. 

Ultimately,  the  emerging  PCI 
Express  will  be  the  standard  bus 
architecture  of  choice  for  desk¬ 
tops  and  servers,  Pierce  says. 
That  architecture  promises  up  to 
16G  byte/sec,  or  128G  bit/sec, 
with  a  fully  switched  architec¬ 
ture.  The  advantage  is  similar 
advantages  of  switched  Ethernet 
over  shared  hubs. 

The  here  and  now  of  PCI 

For  now,  PCI-X  1 .0  is  used  more 
widely  on  servers  and  some 
newer  PCs,  but  the  technology  is 
not  as  widespread  as  standard 
PCI,  Pierce  says.  And  because 
mass  adoption  of  the  newer  PCI 
variants  probably  won’t  happen 
until  next  year,  some  vendors 
have  created  proprietary  meth¬ 
ods  for  making  PCs  and  servers 
Gigabit-ready 

Intel  recently  released  its  Com¬ 
munications  Streaming  Archi¬ 
tecture,  which  is  an  I/O  technol¬ 
ogy  that  bypasses  32-bit,  33  MHz 
PCI  bus  systems  and  allows  full 
duplex  Gigabit  Ethernet  support 
for  Intel  NICs. 

“With  PCI  and  Gigabit  Ethernet 
NICs,  you  have  a  very  high-speed 
connection  that’s  forced  to  share 
bandwidth  with  other  slots  on  the 
bus,”  says  Tun  Helms,  vice  presi¬ 
dent  of  Intel’s  communications 
group  and  general  manager  for 
its  platform  networking  group. 
“We’ve  removed  the  PCI  bottle¬ 
neck  by  offloading  the  LAN  traffic 
from  the  PCI  bus,  to  give  it  direct 
access  to  system  resources.” 

Helms  sa>  'l  ie  new  technology 
lets  PCI-based  systems  push  up  to 


1.7G  bit/sec  of  bandwidth  be¬ 
tween  the  NIC  and  system  mem¬ 
ory  and  processor,  up  from  about 
928M  bit/sec,  which  was  the  pre¬ 
vious  top  performance  on  an 
optimally  configured  Intel  PC 
or  server. 

“There  are  some  technology 
that  help  improve  Gigabit  Ether¬ 
net  performance  on  a  PCI  bus, 
but  they  are  proprietary’  PCI-SIG’s 
Pierce  says.“Some  of  these  propri¬ 
etary  efforts  were  created  due  to 
the  lack  of  a  high-speed  I/O  stan¬ 
dard  that  is  widely  available.” 

While  there  will  be  users  with 
immediate  needs  for  full-Gigabit 
performance  on  PCI  systems,  ulti¬ 
mately  standards  support  for  a 
faster  I/O  technology  will  be 
more  important  to  companies, 
Pierce  says.  By  the  time  wide¬ 
spread  demand  for  Gigabit  desk¬ 
tops  occurs,  which  he  expects 
over  the  next  few  years,  standards 
such  as  PCI-X  2.0,  PCI-X  1066  and 
PCI  Express  will  be  available  from 
equipment  makers. 

“In  a  few  years,  you  will  proba- 
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Getting  off  the  bus 

Faster  I/O  standards  are 
under  development  for 
letting  PCs  and  servers 
use  a  full  Gigabit 
Ethernet  pipe. 


Available  now 


•  PCI-X:  from  2G  to  4G 
byte/sec  per  slot. 


Coming  soon 


•  PCI-X  1066:  up  to  8G 
byte/sec  per  slot. 

•  PCI  Express  (formerly 
3GIO):  up  to  16G  byte/sec 
per  slot. 
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bly  be  looking  at  PCI-X  or  PCI 
Express  as  a  replacement  for 
most  desktop  systems,”  he  adds. 

Subgig  good  enough  for  some 

While  technology  options  vary 
and  new  standards  are  under 
development,  users  who  have 
installed  Gigabit  desktop  con¬ 
nections  today  say  the  perfor¬ 
mance  is  adequate. 

Aperio  Technologies,  a  San 
Diego  company  that  develops 
high-resolution  scanning  technol¬ 
ogy  for  microscope  slides,  uses 
Gigabit  Ethernet  NICs  in  its  PCI- 
based  desktops  for  moving  large 
image  files  around  its  network. 

“It’s  a  little  slower  than  full  Giga¬ 
bit,  like  you  would  expect,”  Ole 
Eichorn,  CTO  at  Aperio. 

“It  still  blows  Fast  Ethernet 
away/’  he  says,  adding  that  he  sees 
about  500M  to  800M  bit/sec  data 
transfer  rates  between  some  ma¬ 
chines.  “When  you’re  moving  a  2 
gigabyte  file  from  a  PC  to  a  server, 
[Gigabit  Ethernet]  is  a  nice  thing 
to  have.” 

At  Case  Western  Reserve  Univer¬ 
sity  in  Cleveland,  the  new  facility 
for  the  business  school  was  built 
with  10/100/1000M  bit/sec  ports 
to  every  office,  classroom  seat 
and  common  area  in  the  build¬ 
ing.  Many  students  use  school- 
issued  Dell  laptops  with  10/ 
100/1000M  bit/sec  cards,  and  fac¬ 
ulty  members  use  a  mix  of  PCs 
and  Macs  with  Gigabit  built  in. 

“We’re  not  getting  full  Gigabit 
throughput,  but  we’re  seeing 
about  80%  to  85%,  which  is  pretty 
good,”  says  Lev  Gonick,  CIO  and 
vice  president  of  IS. 

Gonick  says  students  use  the 
Gigabit  connections  mainly  to 
access  the  school’s  large  library  of 
multimedia  materials  hosted  on 
servers  in  its  data  center.  ■ 


SuSE  Linux  desktop 
slated  for  June  debut 


■  BY  JUAN  CARLOS  PEREZ 

Looking  to  brighten  the  allure 
of  having  Linux  on  enterprise 
desktops,  SuSE  Linux  last  week 
said  it  plans  to  ship  its  SuSE 
Linux  Enterprise  Desktop  oper¬ 
ating  system  in  June,  a  delay 
from  original  plans  to  ship  it 
during  the  first  quarter,  which 
just  ended. 

With  many  companies  using 
Microsoft  Windows  as  a  client  to 
SuSE  Linux’s  server  operating 
system,  SuSE  Linux  Enterprise 
Desktop  will  offer  those  compa¬ 
nies  an  option  to  run  SuSE  soft¬ 
ware  on  the  desktop  as  well. 

SuSE  Linux  Enterprise  Desktop, 
which  is  in  beta  testing  now,  will 
cost  $130  per  desktop,  although 
discounts  would  apply  to  high- 
volume  purchases,  says  Rafael 
Laguna,  SuSE’s  marketing  vice 
president. 

SuSE  Linux  Enterprise  Desktop 
would  be  the  company’s  third 
desktop  operating  system,  join¬ 
ing  SuSE  Linux,  the  entry-level 
member  of  the  family  aimed  at 
individual  users,  and  SuSE  Linux 
Office  Desktop,  aimed  at  small 
offices  with  its  network  and  disk¬ 
partitioning  capabilities,  he  says. 

SuSE  Linux  Enterprise  Desktop 


Linux 

Subscribe  to  our  free  newsletter. 
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will  share  the  code  base  with 
SuSE’s  other  desktop  and  server 
operating  systems,  which  gives 
users  a  high  degree  of  compati¬ 
bility  across  the  company’s  line 
of  operating  systems,  Laguna 
says. 

SuSE  Linux  Enterprise  Desktop 
will  be  tuned  for  companies  and 
government  agencies  that  have 
from  as  few  as  10  users  to  as 
many  as  100,000-plus  users,  La¬ 
guna  says. 

Consequently,  it  will  be  engi¬ 
neered  for  easy,  automated,  cen¬ 
tralized  large-scale  deployment 
and  management  through  ad¬ 
ministration  and  installation 
tools  from  SuSE.such  asYaST  (Yet 
another  Setup  Tool)  and  Auto- 
YaST,  and  from  third-party  ven¬ 
dors, such  as  Ximian’s  Red  Carpet 
Enterprise. 

It  also  will  feature  fonts  that  are 
metric-compatible  with  Micro¬ 
soft  fonts,  which  will  make  it  eas¬ 
ier  to  import  Office  documents, 
Laguna  says. 

The  product  will  ship  standard 
with  one  year  of  maintenance 
and  support,  which  gives  users 
access  to  patches,  product  up¬ 
dates  and  security  fixes;  buyers 
can  opt  to  pay  extra  for  addi¬ 
tional  years  of  maintenance  and 
support,  he  says. 

The  company  plans  to  provide 
more  details  about  the  product 
when  it  announces  it  in  May. 

Perez  is  a  correspondent  with 
the  IDG  News  Service's  Latin 
America  bureau. 


The  world’s  fastest  workgroup  color  printer  has  arrived. 
The  Xerox  Phaser®  7300.  You’d  better  hang  on. 
There’s  a  new  way  to  look  at  it. 


Now  color  speeds  through  any  office  at  30  ppm. 

The  Xerox  Phaser®  7300  tabloid  color  printer 
beats  all  speed  records  for  workgroup  color 
printing.*  And  at  37  ppm  black  and  white,  it 
eliminates  the  need  for  multiple  printers. 
You  get  consistent  2400-dpi  color  that’s  always 
bright,  sharp  and  brilliant.  The  Phaser  7300 


automatically  selects  the  correct  paper  size 
for  any  job,  up  to  12  x  18.  So  experience  a 
colorful  flurry  of  productivity  with  the 
Phaser  7300.  Or  let  your  office  soar  with  our 
full  line  of  reliable,  award-winning  network 
printers  by  calling  1-800-362-6567  ext.  1930 
or  visiting  xerox.com/officeprinting/bird1930 


The  Document  Company 
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•Based  on  rated  print  speed  of  workgroup  printers  in  the  $1,000-5,000  estimated  retail  price  category 
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Microsoft  set  to  boost  Win  Server  VPN  offerings 


■  BY  TIM  GREENE 

When  Microsoft  wheels  out  Windows  Server  2003 

this  month,  the  company  will  address  some  short¬ 
comings  of  its  embedded  VPN  technology,  mak¬ 
ing  the  software  more  attractive  to  users  looking  to  save 
money  connecting  remote  sites  over  the  Internet. 

While  the  company  has  included  VPN  capabilities  for 
free  in  its  PC  platforms  as  far  back  as  Windows  98,  other 
vendors  —  Check  Point,  Cisco,  NetScreen  Technologies, 
Nokia  and  Nortel  —  perennially  have  beaten  Microsoft 
in  sales  of  VPN  gear.  Upgrades  in  Windows  Server  2003 
improve  Microsoft’s  clients  and  servers.  Notably,  the  new 
software  will  introduce  features  such  as  denial  of  access 
to  the  VPN  if  the  PC  trying  to  connect  to  it  isn’t  config¬ 
ured  with  the  right  set  of  security  applications  such  as 
firewalls  and  antivirus  software. The  package  also  will 
expand  the  ability  to  move  VPN  traffic  through  firewalls 
and  make  stronger  authentica¬ 
tion  methods  possible. 

Many  vendors  already  supply 
these  features,  so  Microsoft  is 
playing  catch-up.  But  Microsoft’s 
widespread  use  is  an  advantage 
that  others  don’t  have.The  com¬ 
pany’s  NT,  2000  and  2003  servers 
can  function  as  VPN  gateways  to 
terminate  VPN  sessions.  Client 
support  is  available  via  Windows 
98,  ME,  2000  Professional  and  XP 
Pro. VPN  gateways  from  Cisco, 

Enterasys  Networks,  Nortel  and 
NetScreen  support  Microsoft  VPN 
clients.  Check  Point  says  it  will 
soon  offer  VPN  gateways  that 
support  Microsoft  VPN  clients. 

“The  [thing]  is  not  having  to 
touch  every  laptop.  If  they  have 
[a  Windows  operating  system] , 
they  have  basic  VPN  features 
built  in.  No  other  vendor  can  say  that,” says  Joel  Snyder,  a 
senior  partner  with  Opus  One  and  a  member  of 
Network  World’s  Global  Test  Alliance. 

Microsoft  VPN  server  software  could  be  a  moneysaver 
for  small  companies  by  having  their  servers  do  double 
duty  as  an  internal  server  and  WAN  gatewayTd  say  [it’s 
attractive  to]  small  enterprises  who  have  committed  to 
Windows  2000  at  their  remote  offices  and  who  have  sig¬ 
nificant  training  in  Microsoft  products  as  well  as  a  good 
solid  Active  Directory  implementation,”  Snyder  says. 

The  VPN  capabilities  that  come  with  Windows  Server 
platform  are  attractive,  but  aren’t  necessarily  the  most 
feature-rich,  experts  say.  For  instance,  the  ability  for  VPN 
traffic  to  cross  firewalls  that  perform  network  address 
translation  (NAT)  is  a  common  feature  of  most  VPN 
appliances  and  their  custom  clients,  but  something  that 
Microsoft  still  is  developing. 

Microsoft  has  hired  SafeNet  to  write  upgrades  for 
Windows  98, 2000  and  ME  clients  so  they  will  support 
NAT,  and  Microsoft  has  made  its  own  NAT  upgrades  for 
Windows  2000  and  Windows  XP  that  will  be  ready  in 
about  two  months, says  Mike  Chan,  technical  product 
manager  for  Microsoft  VPN. 

Firewalls  commonly  change  the  private  IP  addresses 


on  a  LAN  to  a  public  IP  address  for  traffic  that  crosses 
the  Internet  so  it  can  be  routed  properly.  NAT  is  also  a 
way  to  mask  the  private  network  IP  address  structure 
from  public  inspection  as  a  way  to  thwart  hackers. 
Microsoft  has  had  server  support  of  NAT,  but  it  is  not  as 
robust  as  other  vendors’,  Snyder  says. 

While  NAT  is  key  to  setting  up  VPNs,  users  also  seek 
more  secure  ways  to  ensure  that  remote  users  are 
authorized  to  log  on  to  the  VPN.  With  Windows  Server 
2003,  Microsoft  is  making  it  easier  to  use  public-key 
infrastructure  (PKI),a  more  stringent  machine  authenti¬ 
cation  method  that  ultimately  makes  it  harder  to  crack 
encryption. 

Rather  than  use  one  set  of  keys  to  encrypt  and  decrypt 
traffic, customers  can  use  a  pair  of  public  and  private 
keys  with  PK1.  But  to  set  this  up  securely,  the  machines 
involved  first  must  be  authorized.  Windows  Server  2003 
adds  a  certificate  authority  that  issues  digital  certificates 


to  the  machines  so  their  identity  can  be  proven  before 
admitting  them  to  a  VPN. 

Having  its  own  certificate  authority  is  an  improve¬ 
ment  over  the  method  that  Microsoft  servers  currently 
use  to  support  certificates,  says  Benny  Frederiksen,  a 
support  engineer  for  VPN  appliance  vendor  Intermate. 
“You  have  to  install  a  Windows  2000  certificate  server  if 
you  want  to  use  certificates,”  he  says,  making  the  net¬ 
work  more  complex. 

Windows  Server  2003  also  supports  more  ways  to 
authenticate  not  just  the  machine  but  the  person  who 
is  trying  to  log  on  to  the  VPN.  By  adding  support  for 
Extensible  Authentication  Protocol  (EAP),  Windows 
Server  2003  lets  users  employ  such  methods  as  smart- 
card  tokens  that  also  require  a  user’s  PIN. This  two-fac¬ 
tor  authentication  is  considered  more  secure  than 
simply  username  and  password.  EAP  is  a  framework 
that  allows  negotiating  what  authentication  mecha¬ 
nism  will  be  used. 

A  feature  called  Quarantine  is  another  safeguard 
being  added  to  Windows  Server  2003  to  protect  the  VPN 
before  a  user  is  admitted.  Quarantine  denies  VPN  access 
to  remote  machines  if  the  boxes  aren’t  configured  prop¬ 
erly.  So  if  the  machines  don’t  have  updated  antivirus  soft¬ 


ware  or  their  personal  firewalls  aren’t  turned  on,  for 
instance,  the  server  would  reject  the  VPN  session.  Users 
can  get  a  prompt  to  update  their  machines  or  be  for¬ 
warded  automatically  to  a  Web  site  where  they  can 
download  whatever  updates  they  need. 

Quarantine  is  set  up  through  a  Windows  Server  2003 
deployment  wizard  called  Connection  Manager 
Administration  Kit  (CMAK),a  30-pane  wizard  for  setting 
up  VPN  clients.  CMAK  asks  for  the  IP  address  of  the  VPN 
server,  a  name  for  that  connection,  the  authentication 
type  to  use  and  a  few  other  parameters. This  process  cre¬ 
ates  an  executable  file  called  a  connectoid  to  be  sent  to 
remote  machines  via  the  Web  or  floppy  or  Microsoft’s 
Systems  Management  Server. The  connectoid  self-installs 
and  is  compatible  with  Windows  98  clients  and  later. 

Many  VPN  vendors  offer  this  feature  via  alliances  with 
makers  of  remote  policy  enforcement  software  such  as 
InfoExpress,Sygate  and  Zone  Labs. 

Microsoft’s  VPN  architecture 
varies  from  other  vendors  that 
focus  on  IP  Security  (IPSec)  as 
their  core  technology. The  Micro¬ 
soft  method  uses  only  standards- 
based  technologies,  hence  its 
hybrid  nature,  Chan  says. 

The  software  supports  Foint-to- 
Point  Tunneling  Protocol 
(PPTP),  IPSec  and  Layer  2 
Tunneling  Protocol  running  over 
IPSec  (L2TP/IPSec),and  each 
has  different  uses.  PPTP  is  for 
small  organizations  that  want  to 
set  up  remote  access  easily  and 
quickly  Chan  says.This  is  done 
via  ISA  server  and  can  be  con¬ 
figured  in  minutes.  It  doesn’t 
require  digital  certificates,  and 
all  Microsoft  clients  support  it. 

L2TP/IPSec  is  a  more  secure 
method  —  Microsoft  says  the 
most  secure  —  of  creating  remote-access  VPNs.  L2TP 
provides  a  standard  method  of  authenticating  the 
user,  while  an  IPSec  tunnel  is  used  to  carry  the  en¬ 
crypted  traffic. 

IPSec  is  intended  for  connecting  server  to  server  for 
site-to-site  VPNs  that  let  many  users  at  one  site  tunnel 
through  to  resources  at  the  other. 

Windows  Server  2003  has  a  number  of  other  VPN- 
related  features: 

•  It  will  store  VPN  logs  in  XML  format,  making  it  easier 
to  sort  and  format  the  data  in  different  ways. 

•  It  adds  clustering  to  the  features  of  its  Remote  Au¬ 
thentication  Dial-In  User  Service  server  called  Internet 
Authentication  Service  (IAS).  IAS  can  be  installed  on 
separate  hardware  platforms  so  if  one  box  fails,  authenti¬ 
cation  for  the  VPN  remains  intact. 

•  It  combines  technologies  in  IAS,  Active  Directory 
and  Remote  Access  Server  to  recognize  and  admit  guest 
VPN  users  to  a  limited  subset  of  the  network,  making  it 
easier  to  set  up  temporary  access  for  business  partners. 

Microsoft  also  is  getting  ready  to  add  a  second  type  of 
VPN  to  its  client  for  PDAs.  Currently  the  client  supports 
only  PPTP  VPNs,  but  the  new  version  will  add  L2TP/ 
IPSec  support  to  its  Fbcket  PC  platform.  ■ 


Microsoft  VPN  not  for  everybody 

The  VPN  capabilities  that  come  with  Microsoft  client  and  server  software  don’t  address 
the  needs  of  all  corporate  customers. 


•  Save  money  at  small  and  branch  offices  by  using  •  Network  address  translation  is  finicky  with 
the  LAN  server  as  the  VPN  server.  clients  in  some  modes. 


•  IT  staff  trained  in  Microsoft  can  readily  pick  up 
the  necessary  VPN  skills. 

•  Remote-access  clients  already  are  distributed 
with  the  operating  system. 

•  Good  integration  with  Active  Directory  for 
distributing  clients. 

•  Client  works  with  Cisco,  NetScreen  and  other 
majorVPN  vendors. 


•  Requires  separate  server  box  if  security  dictates 
against  external  traffic  using  an  internal  server. 

•  Requires  a  full  Active  Directory  implementation. 

•  Its  most  secure  mode  —  L2TP/IPSec  —  is 
challenging  to  configure. 


The  Un wired  Office 
starts  inside. 
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High 
Performance: 

Extremely 
responsive  to  the 
most  demanding 
business 
applications 


Longer 
Battery  Life 

Power-conserving 
technology 
enables  extended 
battery  life. 
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intel.com 


Introducing  Inter  Centrino™  mobile  technology. 
The  new  generation  of  laptop  technology 
engineered  to  unwire  your  business. 


Until  now,  the  promise  of 
a  truly  wireless  workforce 
has  been  just  that:  a 
■pr^  promise.  Intel®  Centrino™ 
technology  mobile  technology  delivers 

on  that  promise  with  unprecedented 

levels  of  mobility  for  your  users 
and  an  easier  deployment  for  you. 
Intel  is  working  with  other 
industry  leaders  to  make 
wireless  networking  not  only 
reliable,  but  secure.  Intel  Centrino 
mobile  technology  is  compatible 
and  validated  with  Cisco  enterprise 
access  points.  And  Intel  continues 
to  work  closely  with  VeriSign, 
Check  Point  Software  and 
other  leading  technology  companies 
to  optimize  security  solutions. 
The  unwired  office  starts  inside. 


©2003  Intel  Corporation.  Intel.  Intel  Inside  and  the  Intel  Centrino  logo  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries. 
Other  names  and  brands  may  be  claimed  as  the  property  of  others.  All  rights  reserved  See  http://www.inte!. corrv'products/centrino/morejnfo  for  more  information. 


Can  your  antivirus  software  provide  double  the  scanning  power?  Ours  can. 

Making  sure  your  company  is  secure  gets  more  and  more  difficult  every  day.  That's  why  eTrusf“  Antivirus  v7  from  Computer 
Associates  uses  dual  scanning  engines  to  ensure  comprehensive  virus  protection.  It  processes  data  in  real  time  to  search 
out  and  eliminate  viruses,  and  it  also  scans  files  during  prescheduled  and  off-peak  hours.  All  at  the  cost  of  most  single¬ 
engine  AV  products.  It's  more  than  just  twice  the  protection.  It's  twice  the  peace  of  mind.  ca.com/etrust/antivirus 


eTrusf  Antivirus 


Computer  Associates® 
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■  Staffware  PLC  and  Fqjitsu  Soft¬ 
ware  will  soon  release  new  versions 
of  their  business  process  manage¬ 
ment  software  suites.  Staffware 
Process  Suite  Version  2  SPS  is  a 
modular  set  of  applications  for  run¬ 
ning,  modeling  and  managing  business 
processes  such  as  staff  tasks  and 
supplier  interactions.  A  key  new  fea¬ 
ture  in  SPS  2  is  Dynamic  Process 
Orchestration,  which  lets  different 
processes  be  called  up  on  the  fly  in 
response  to  signals  from  other  appli¬ 
cations  and  events.  The  technology 
lets  designers  draw  on  predictive  fea¬ 
tures  to  control  complex  processes, 
rather  than  having  to  hard-wire  all 
possible  process  coordination  steps, 
Staffware  says.  SPS  2's  price  varies 
depending  on  a  project’s  size  and  con¬ 
figuration,  but  it  starts  at  about 
$100,000.  Meanwhile,  Fujitsu  Software 
this  week  will  release  the  latest  edi¬ 
tion  of  its  Interstage  i-Flow  Web- 
based  BPM  engine.  I-Flow  6.0  adds 
new  analytics  features,  along  with 
improved  error  handling,  simplified 
forms-creation  technology,  and  a  tool 
for  creating  and  modifying  encoded 
business  rules  without  having  to  write 
additional  code,  Fujitsu  says. 

■  As  government  rules  increase  the 
burden  on  companies  to  better  track 
and  manage  information,  content 
management  vendors  are  stepping  up 
their  records  management  capabili¬ 
ties.  Documentum  this  week  is  re¬ 
leasing  Enterprise  Records  Man¬ 
agement  Edition,  software  that 
treats  all  content  —  from  electronic 
documents  to  paper  files  —  as  re¬ 
cords.  Businesses  can  then  set  rules 
as  to  how  the  records  should  be  ar¬ 
chived  or  destroyed,  based  on  corpo¬ 
rate,  regulatory  or  legal  requirements. 
Enterprise  Records  Management  Edi¬ 
tion  uses  technology  Documentum 
gained  with  the  acquisition  of  records 
management  firmTrueArc  last  fall. 
Documentum  also  says  the  records 
management  product  can  be  integrat¬ 
ed  with  online  storage  products  from 
companies  such  as  EMC.  Enterprise 
Records  Management  Edition  costs 
$30,000. 


Andreessen  assesses  browser  prospects 


Ten  years  ago  this  month,  a 
team  of  programmers  at  the 
University  of  Illinois  ’  National 
Center  for  Supercomputing 
Applications  loaded  a  pro¬ 
gram  on  an  FTP  server  that 
could  be  accessed  by  almost 
anyone  on  the  Internet. 
Mosaic  was  the  culmination 
of  work  launched  about  six 
months  earlier  by  NCSA  researchers  Marc  Andree¬ 
ssen  and  Eric  Bina.  Within  a  year,  there  were  millions 
of  Mosaic  users  worldwide. 


Web  browser  with  Network  World  Senior  Editor 
John  Cox. 


What  have  been  the  main  results  of  the  invention  of  the  Web 
browser? 

The  big  result  is  that  the  browser  makes  it  possible  to  cre¬ 
ate  Web  sites.  In  the  early  months,  there  was  very  little  con¬ 
tent  to  actually  view.  It  wasn’t  like  you  had  Time  magazine 
online.  But  it  also  made  it  very  easy  for  people  to  view  what 
was  there.  We  went  to  10,000  Mosaic  users  quickly,  and  to 
100,000  in  about  three  or  four  months.  And  the  number  of 
Web  sites  [available  to  be  viewed]  tracked  the  same  way  It 
was  the  network  effect,  a  snowballing.  And  it  still  is  [contin¬ 
uing], The  browser  catalyzed  all  that  in  the  first  place. 


Andreessen,  the  quintessential  Internet  pro¬ 
grammer,  is  the  board  chairman  of  Opsware,  for¬ 
merly  Loudcloud,  a  Sunnyvale,  Calif.,  vendor  of 
data  center  management  software.  He  talked 
recently  about  the  future,  present  and  past  of  the 


OK,  so  the  future  of  the  Web  browser  is  what9 

After  10  years,  it’s  still  a  user  sitting  in  front  of  a  Web 
browser  viewing  HTML  services.  It’s  not  [about]  XML,  Java 
applets,  the  semantic  Web.  It’s  HTML  and  some  JavaScript. 

See  Andreessen,  page  26 


Recovery  tool  targets  Win  OS  failures 


■  BY  JOHN  FONTANA 

AUSTIN,  TEXAS  —  It’s  the  first  thought 
after  a  system  crash:  Has  any  data  been 
lost? 

Winternals  thinks  it  can  ease  the  panic 
with  Recovery  Manager,  software  that  tar¬ 
gets  operating  system  failures  on  Windows 
servers  and  desktops.  Recovery  Manager, 
introduced  last  week,  lets  administrators 
access  and  recover  unstable  or  un- 
bootable  systems  via  the  network  from  a 
single  console. 

Recovery  Manager  is  not  a  replacement 
for  traditional  system-recovery  tools  such 
as  re-imaging  and  tape  backup,  but  a  light¬ 
weight  option  that  targets  operating  system 
failures  on  Windows  Server  2003,  XP  2000 
and  NT4. 

While  traditional  tools  will  restore  sys¬ 
tems  to  the  last  backup,  Recovery  Manager 
will  recapture  a  hard  disk’s  data  back  to  the 
last  time  a  Save  command  was  executed, 
according  to  Winternals  officials. 

“There  is  general  dissatisfaction  with  cur¬ 
rent  [recovery]  products  in  that  they  can 
be  hard  to  deploy,  maintain  and  use,”  says 
Ray  Paquet,  an  analyst  with  Gartner. 
“Winternals  is  trying  to  ease  that  by  focus¬ 
ing  on  recovery  of  the  [operating  system] 
But  Paquet  says  that  Recovery  Manager 


Backup  and  deploy 

As  companies  move  away 
from  worrying  about  how 
long  it  takes  to  back  up  data 
to  how  quickly  systems  can 
be  restored,  they  will  begin 
to  deploy  replications  and 
point-in-time  copying  as 
recovery  options  for 
critical  applications, 
according  to  Gartner. 


solves  only  a  piece  of  the  recovery  puzzle 
in  that  it  focuses  solely  on  recovering  the 
operating  system  and  not  specific  applica¬ 
tions  or  data. 

But  Winternals  says  that  70%  of  the  caus¬ 
es  of  downtime  in  Windows-based  systems 
are  rooted  in  the  operating  system  and 
therefore  Recovery  Manager  can  clean  up 
the  mess  faster  than  traditional  tools. 

Recovery  Manager  competes  with  similar 
software  from  Aelita,  Altiris  and  Veritas. The 
software  uses  what  it  calls  Recovery  Points, 
which  are  copies  of  a  machine’s  system 


and  configuration  files  including  a  copy  of 
the  Windows  Registry.  An  agent  that  is  sent 
by  Recovery  Manager  to  the  target  server 
or  desktop  collects  the  Recovery  Points. 
The  agent  inventories  the  complete  system 
the  first  time  it  visits  a  machine  and  sends 
the  data  to  a  central  repository  On  follow¬ 
ing  visits,  the  agent  only  records  changes 
made  since  the  last  Recovery  Point.  The 
agent  uninstalls  itself  after  every  collection 
and  does  not  live  on  the  target  system. 

Recovery  Points  are  used  to  restore  a  sys¬ 
tem  if  it  goes  down. They  are  similar  to  the 
System  Restore  feature  of  Windows  XPbut 
that  tool  doesn’t  let  users  restore  an  un- 
bootable  system.  Recovery  Manager  can 
by  using  its  Recovery  Manager  Boot  client. 

The  boot  client  can  be  run  from  the  start¬ 
up  menu,  CD-ROM  or  a  network  boot.  Re¬ 
covery  Manager  also  features  a  Recovery 
Wizard  that  lets  users  roll  back  changes, 
perform  custom  repairs  focused  on  known 
problems  such  as  corrupted  files,  change 
passwords  or  create  boot  clients  on  a 
machine.  The  Wizard  also  can  produce 
reports  on  system  changes  and  uncover 
what  caused  a  problem. The  software  also 
includes  a  management  console  tha‘  Inte¬ 
grates  with  Active  Directory 

Recovery  Manager  costs  $300  per  server 
and  $30  per  workstation.  ■ 
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Over  the  past  few  weeks  a  number  of 
state  legislatures  have  started  to  con¬ 
sider  similar  bills  —  apparently  at  the 
behest  of  the  copyright  folks  —  that  fail  to 
take  into  account  the  unintended  conse¬ 
quences  of  the  Digital  Millennium  Copy¬ 
right  Act. 

The  DMCA  has  not  done  much  to  protect 
the  legitimate  rights  of  copyright  holders, 
but  it  has  hurt  the  quality  of  American  soft¬ 
ware  and  American  competitiveness.  It  has 
done  this  by  making  it  illegal,  or  at  least 
very  risky,  to  tell  a  company  that  the  secur¬ 
ity  in  the  products  it  is  using  is  crappy  If  a 
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Bad  law  or  really  bad  law? 


company  cannot  find  this  out  before  the 
bad  guys  uncover  its  secrets,  the  compa¬ 
ny’s  products  and  sometimes  its  very  exis¬ 
tence  are  at  risk. 

The  same  folks  that  brought  you  the 
DMCA  are  trying  to  improve  it  at  the  state 
level.  Most  parts  of  these  laws  are  actually 
not  as  bad  as  the  DMCA,  although  that 
wouldn’t  be  all  that  hard.  But  there  is  some 
sloppy  writing  that  could  have  a  worse 
effect  than  the  DMCA  does,  and  that  would 
be  hard. 

The  Texas  version  of  the  bill  says,  in  part: 
A  person  commits  an  offense  if  he  or  she 
intentionally  manufactures  or  sells  a  com¬ 
munication  device  with  an  intent  to  “con¬ 
ceal  from  a  communication  service  pro¬ 
vider,  or  from  any  lawful  authority  the  exis¬ 
tence  or  place  of  origin  or  destination  of 
any  communication.” 

Most  of  the  bill  is  targeted  at  people  who 
do  things  with  an  intent  to  defraud,  but 


this  section,  if  enforced  literally, could  out¬ 
law  network  address  translators  and  com¬ 
mon  configurations  in  firewalls,  both  of 
which  conceal  the  actual  source  and/or 
destination  of  a  communication  by  rewrit¬ 
ing  the  network  addresses.  As  I’ve  written 
before,  I’m  no  fan  of  these  devices  used  in 
this  way,  but  outlawing  them  would  be 
quite  silly 

But  the  real  problem  with  the  way  this 
section  is  written  is  that  it  could  be  read  to 
outlaw  secure  VPNs.  Such  VPNs  are  what 
everybody  should  use  if  they  are  connect¬ 
ing  back  to  a  corporate  network  when 
they  are  on  the  road  or  at  home.  But 
because  secure  VPNs  are  actually 
encrypted  tunnels,  all  of  my  communica¬ 
tion  —  including  the  destination  and 
source  of  any  e-mail  that  I  read  or  send 
through  a  VPN  —  is  concealed  from  the 
local  service  provider  and  any  lawful 
authority  that  might  be  listening. 


www.nwfusion.com 


1  hope  this  is  not  what  the  bill  actually  is 
trying  to  control.  If  it  were  trying  to  outlaw 
encrypted  communications  between  trav¬ 
elers  and  the  companies  that  employ 
them,  silly  would  not  be  the  word  to 
describe  the  idea.  Maybe  someone  with  a 
tiny  bit  of  clue  will  fix  this  before  any  of 
these  bills  get  approved.  Note  that  I'm  not 
implying  that  these  state-level  bills  will 
actually  help  fix  the  problems  that  the 
copyright  people  have  —  the  only  things 
that  will  help  here  are  some  new  business 
models.  But  at  least  let’s  not  destroy 
American  business  to  protect  a  few  copy¬ 
right  holders. 

Disclaimer:  Harvard  deals  with  be¬ 
quests  not  behests,  and  the  above  is  my 
own  opinion. 

Bradner  is  a  consultant  with  Howard 
University's  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 


Q  A 

Andreessen 

continued  from  page  25 

The  difference  is  that  now  it’s  500  million 
people  doing  this,  with  something  like  3  trillion  or 
so  HTML  pages. 

It’s  the  same  dynamic  as  TV.  TV  was  invented  in  1950. 
Today,  we  have  500  channels  instead  of  three.  But  it’s  the 
same  model,  exactly  as  it  was  50  years  ago.  Once  these 
things  get  started,  it’s  hard  to  slow  them  down. 

What  about  the  idea  of  the  semantic  Web,  new  tags  that  will 
let  applications  and  computers  automatically  interact? 

The  semantic  Web  [means  you  have  to]  retag 
everything  that’s  out  there  [in  HTML  content]. 
Uhmm,  no.  I  don’t  think  so.  But  if  the  browser  isn’t 
changing,  the  [original]  architectural  changes  are 
still  relevant. 

How? 

Before  the  browser,  if  a  business  had  a  software  appli¬ 
cation,  then  that’s  what  it  would  give  to  its  employees, 
period. They  never  even  conceived  of  exposing  their 
applications  to  anyone  else. 

With  the  browser,  all  this  changed.  Amazon  and  eBay 
today  have  millions  and  millions  of  people  using  Ama¬ 
zon  and  eBay  applications  via  the  Web.  Consumers  log 
on  to  their  PC  and  typically  now  are  running  applica¬ 
tions  on  someone  else’s  computer. 

[So]  you  can  get  [Web]  services, and  transactions, 
and  all  this  stuff.  EBay  has  thousands  of  servers  running 
very  complex  applications  in  a  complex  infrastructure 
to  make  this  possible.  But  the  users  just  see  Web  pages. 

How  will  wireless  technologies  affect  this  model? 

Wi-Fi  [wireless  lANs  based  on  the  IEEE  802.1 1  stan¬ 
dard]  will  be  the  dominant  form  of  the ‘wireless 
Internet.’ 

Five  years  ago,  my  PC  was  linked  to  the  Internet  via  a 
dial-up  connection.  I’d  dial  up  my  provider.log  on,  use 
my  computer  online  for  a  while,  then  log  off. That  takes 
a  lot  of  effort. 

With  Wi-Fi,on  the  other  hand,  as  the  way  to  access 


DSL  or  cable  modems,  every  computer  is  on  the  net¬ 
work  all  the  time. Your  usage  pattern  changes  at  once: 
you  use  your  computer  on  the  network  intermittently, 
dozens  of  times  a  day  You’re  using  it  therefore  more 
often  in  more  day-to-day  activities.  Wi-Fi  makes  this  all 
much  easier. 

What  about  the  wireless  Internet  based  on  cellular  data 
services? 

Cell  phone  data  is  a  complete  market  failure  in  the 
U.S.  because  the  user  experience  is  deeply  inferior  to 
what  you  do  with  a  browser  on  the  PC  or  even  a  hand¬ 
held.  Cell  phone  browsers  based  on  [Wireless  Applica¬ 
tion  Protocol]  just  make  you  want  to  cry 

You're  not  a  fan  of  converged  devices? 

There  will  be  multiple  devices  [for  each  user], and 
wireless  networking  will  enable  that  kind  of  diversity 

When  1  first  went  to  a  Kentucky  Fried  Chicken  restau¬ 
rant,  they’d  give  you  a  spork  —  something  that  was  half¬ 
spoon  and  half-fork.  And  I  thought, ‘why  don’t  we  have 
this  at  home?’ And  here’s  why:  because  what  you  actu¬ 
ally  want  is  to  have  a  good  fork  and  a  good  spoon.  And 
the  spork  is  neither. 

The  multipurpose  device  will  always  fail. 

What's  been  Microsoft's  contribution  to  the  browser? 

Undoubtedly,  an  overwhelming  benefit  has  been  the 
proliferation  of  the  browser.  Hundreds  of  millions  of 
people  now  have  access  to  it.  Microsoft  has  been  a  very 
effective  force.  But  it’s  also  been  a  force  in  the  eradica¬ 
tion  of  the  commercial  [browser]  market,  and  the  elimi¬ 
nation  of  any  incentive  to  change  the  browser.  It’s  not 
like  they’ve  changed  a  lot  [in  it]. 

What's  hot  in  browser  technology? 

There’s  nothing  emerging  right  now.  Creativity  stopped 
in  1997.  Before  that,  there  were  huge  numbers  of 
changes:  dynamic  HTML,  JavaScript,  Java  mail,  plugins 
for  security  and  other  functions.  And  these  were  created 
by  Netscape  and  many  others. 

What  killed  the  creativity? 

The  browser  market  went  away. There’s  no  commercial 
incentive.  It’s  all  free.The  browser  today  is  basically 
what  it  was  in  1998-99.The  good  news  is  that  everyone 


knows  what  a  browser  is  and  what  it  does. 

What  about  the  open  source  browser  project  Mozilla? 

Mozilla  could  affect  this.  It  has  lots  of  developers  and 
a  fair  amount  of  users.  But,  again,  there’s  no  commercial 
incentive  to  create  a  competitor  [to  Microsoft’s  Internet 
Explorer] . 

At  the  beginning,  you  posted  the  beta  version  of  Mo¬ 
saic  on  an  FTP  server,  not  even  a  Web  browser,  be¬ 
cause  the  Web  in  effect  didn’t  exist  at  the  time.  How 
did  the  idea  of  graphic  user  interface  [GUI]  for  the 
Internet  arise? 

We  were  at  the  University  of  Illinois,  at  the  NCSA.  Ori¬ 
ginally  the  idea  was  to  create  supercomputers  at  a  cen¬ 
tral  site,  and  then  let  researchers  log  onto  them  from 
around  the  U.S. 

But  that  model  quickly  didn’t  make  any  sense,  be¬ 
cause  we  all  had  these  powerful  Unix  workstations  on 
our  desks.  So  the  focus  was  shifting  toward  enabling  the 
Internet  as  a  medium  for  research  and  science.  We  were 
part  of  the  software  development  effort  to  do  that. 

We  needed  to  put  a  full  GUI  front  end,  as  people  had 
come  to  expect  on  the  desktop.  Originally,  it  was  a  rene¬ 
gade  project  with  no  [official]  permissfon.lt  turned  out 
people  really  liked  it. 

It  was  a  free  program,  on  the  share-everything  Internet  Why 
make  it  into  a  commercial  product  by  creating  Netscape? 

We  took  Mosaic  as  far  as  we  could  in  a  research  envi¬ 
ronment.  [There,]  we  could  do  new  things  without 
worrying  about  return-on-investment  requirements.  But 
you  couldn’t  hire  support  people  for  the  users.The  Na¬ 
tional  Science  Foundation  doesn’t  pay  for  technical 
support  people. 

So  we  decided  to  start  Netscape  around  this  idea. 

In  hindsight  would  you  change  anything  in  the  first  release? 

Probably  not.  Although  there  was  one  feature  that  was 
temporary  in  Mosaic:  the  Back  and  Forward  buttons. 
That  never  made  a  lot  of  sense  to  us.  Back  to  what? 
Forward  to  what?  We  thought  there  would  be  a  better 
way  to  navigate.  But  no  one  ever  came  up  with  one. 

When  we  started  Netscape,  we  added  stuff,  such  as  a 
safe  way  to  do  secure  transactions.The  first  Mosaic 
release  was  for  Unix,  and  we  quickly  changed  to  Win¬ 
dows.  At  Netscape,  Windows  became  our  priority  ■ 


WIRE-SPEED  10  GIG  ETHERNET.  UNDER  $I0K  A  PORT 
A  COMPLETE  PRODUCT  LINE.  IT'S  HERE. 


Riverstone  Networks  presents  its  XGS™  family  of  Layer  3  switches  -  the  first  complete  line  of  true  10  Gigabit-enabled  switches  - 
at  a  breakthrough  price  point.  Scaling  up  to  640  Gbps  capacity  and  800  Mpps  throughput,  the  XGS  family  is  engineered  to  meet  the 
stringent  demands  of  mission  critical  networks  and  their  bandwidth-hungry  applications,  such -as  video 
streaming,  voice  over  IP.  CRM/ERP  tools,  interactive  e-learning  and  e-collaboration,  to  name  a  few. 

_____  inn  nii 

.  || j  jj||.  Take  note:  the  XGS  family  offers  scalable  Layer  2  MPLS  for  point-to-point  and  point-to-multipoint  VPN 

--j|j  |Jj--  !!l  Hffi  connections,  wire-speed  switching  and  routing,  QoS  for  prioritizing  traffic  and  multicast  for  multimedia 

applications  -  all  at  no  extra  charge.  In  addition,  the  XGS  family  is  IPv6  ready.  From  the  carrier  edge  to  the 
ESBS&B  campus,  Riverstone's  XGS  family  is  changing  the  way  the  industry  sees  10  Gigabit  Ethernet. 


To  change  the  way  you  see  10  Gig  Ethernet,  call  us  at  877-778-9595,  or  visit  riverstonenet.com 


■  ■  ‘towura  tew-'!  K  k  rights  reserved  Rive-sKr*  Networks  t*  R  verstaie  Networks  logo  Bandwidth  with  Brairs  and  XGS  are  trademarks  or  servicemarks  of  Riverstone  Networks.  Inc 
s  a  registered  Wdemarkof  the  NASDAQ  Stock  Market  Inc  Al  other  irademanss  mentioned  herein  belong  to  their  respective  owners.  NASDAQ:  RSTN 


-  If  you  can’t  count  on  your 
managed  hosting  provider, 
your  systems  and  applications 
might  as  well  be  here. 
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Today,  there  is  a  hosting  provider  that  offers 
financial  stability,  technical  expertise  and  a  record 
of  customer  satisfaction:  SunGard. 


Thinking  of  outsourcing  your  systems  and  applications?  Or  switching  providers?  Be  aware  that  some 
hosting  providers  have  made  deep  cutbacks.  Others  are  in  financial  trouble.  But  one  offers  you  the  secure, 
scalable  service  you  want:  SunGard. 

We  offer  a  robust,  reliable  infrastructure  and  highly  secure  environment.  Plus  a  full  line  of 
services,  including  intrusion  detection,  remote  monitoring,  managed  tape  back  up  and  more. 
Best  of  all,  SunGard  is  growing  and  financially  stable  -  with  new  Internet  facilities,  a  strong 
reputation  as  a  business  continuity  leader  and  the  resources  of  a  global  Fortune  500 
company  behind  us. 

If  you’re  ready  to  outsource  your  hosting  responsibilities  or  switch  providers,  see  our  White 
Paper  about  high  availability  web  architectures  -  “Ensuring  High 
Availability  for  your  Web  Environment.”  To  view  or  download  it  visit 

www.esourcing.sungard.com/ha 


SUNGARD 

Availability  Services 

The  Net  Beneath  You 


■  WIRELESS  ■  REGULATORY  AFFAIRS 


■  BellSouth  recently  launched 
its  first  managed  IP  VPN  service 

called  Managed  Network  VPN. 

The  service  is  available  throughout 
BellSouth's  service  area  in  the 
Southeast. 

The  carrier's  service  is  based  on 
Multi-protocol  Label  Switching  tech¬ 
nology  that  BellSouth  has  deployed 
throughout  its  IP  network.  BellSouth 
is  one  of  a  handful  of  incumbent  local 
exchange  carriers  that  now  are  sup¬ 
porting  IP  VPN  services  including 
SBC  and  Verizon.  BellSouth  says  it 
has  signed  up  several  customers  to 
use  the  service  including  Lynk 
Systems.  Lynk  is  using  the  Network 
VPN  service  to  connect  its  fleet  of 
point-of-sale  terminals  and  automat¬ 
ed  teller  machines.  Price  information 
for  the  service  was  unavailable. 

■  The  application  service  provider 
market  continues  to  consolidate,  with 
the  latest  merger  between  Blue- 
Star  Solutions  and  Agilera. 

BlueStar  announced  last  week  that  it 
had  signed  an  agreement  to  acquire 
Agilera,  which  is  based  in 
Englewood,  Colo.  BlueStar  is  an  ASP 
that  manages  strictly  SAP  applica¬ 
tions.  With  the  acquisition,  BlueStar 
will  add  Agilera's  expertise  in  mes¬ 
saging  and  enterprise  resource  plan¬ 
ning  applications  such  as  J.D. 
Edwards  and  Lawson  into  its  mix.  The 
combined  company  will  be  based  in 
Cupertino,  Calif.,  and  will  have  more 
than  100  customers.  Terms  of  the 
deal  were  not  disclosed. 

■  As  expected,  Graham  Wallace  is 

stepping  down  as  CEO  of  Cable  & 
Wireless,  the  company  announced 
last  week.  The  carrier  is  appointing 

Francesco  Caio  as  its  new  CEO. 
C&W  has  also  created  the  position  of 
COO,  which  Kevin  Loosemore  will 
hold.  In  January,  the  carrier  an¬ 
nounced  several  executive  shifts, 
which  included  the  company's  inten¬ 
tion  to  replace  Wallace.  Before  join¬ 
ing  C&W,  Caio  was  founder  and  CEO 
at  European  ISP  Netscalibur  and 
before  that  was  CEO  at  Omnitel 
and  Merloni. 


AT&T  offers  new  VoIP  options 

IP  PBXs  are  supported  for  the  first  time. 


■  BY  DENISE  PAPPALARDO 

SAN  JOSE  —  AT&T  is  expanding  the 
reach  of  its  voice-over-IP  services  by  sup¬ 
porting  additional  vendor  gear,  including 
for  the  first  time  IP  PBXs. 

The  carrier  announced 
last  week  at  the  Spring 
2003  Voice  on  the  Net  con¬ 
ference  that  it  has  certified 
IP  telephony  gear  from 
Avaya  and  Cisco  for  its  man¬ 
aged  VoIP  services.  AT&T  Labs  tested 
Avaya’s  IP  Telephony  Solutions  gear  and 
Cisco’s  IP  PBX  and  software  to  ensure  inter¬ 
operability  with  the  carrier’s  network  and 
VoIP  services. 

While  support  for  Avaya’s  gear  expands 
the  choice  of  gateways  and  servers  that 
customers  can  use,  this  is  the  first  time 


AT&T  is  supporting  an  IP  PBX. 

“Directly  supporting  an  IP  PBX  platform 
is  more  efficient  because  voice  calls  do 
not  need  to  be  converted  to  packets;  they 
originate  as  packets,”  says  Joe  Aibinder, 
director  of  AT&T  voice  over 
Internet  services. 

In  the  past,  AT&T  Man¬ 
aged  VoIP  customers  were 
limited  to  using  gateway 
devices  and  servers,  such 
as  Avaya’s  products,  which 
convert  TDM  voice  calls  into  packetized 
traffic  for  delivery  over  IP  or  frame  relay 
networks. 

Customers  that  use  Cisco’s  IP  PBX  elimi¬ 
nate  the  TDM  conversion  because  voice 
traffic  is  packetized  from  a  user’s  desktop, 
Aibinder  says. 

“We’ve  been  hearing  from  big  cus- 


Managed  VoIP 

AT&T  expands  its  VoIP  services 
with  support  for  additional  cus¬ 
tomer  premises  gear  including: 


•  Avaya  IPTelephony  Media  Gateway 
Avaya  IPTelephony  Media  Server 

•  Avaya  MultiVantage  software 

•  Cisco  IP  PBX 

•  Cisco  CallManager 

SOURCE:  AT&T 

tomers  . . .  that  they  want  to  know  we  can 
support  [IP  PBXs] .  They’re  not  demand¬ 
ing  it  now,  but  they  want  to  know  we  can 

See  AT&T,  page  31 


Equinix  offers  multihoming  service 

Company  uses  peering  points  to  more  than  100  networks. 


■  BY  JENNIFER  MEARS 

FOSTER  CITY  CALIF —  Organizations  that 
multihome  network  connections  from  dif¬ 
ferent  service  providers  might  get  more 
than  the  high  availability  and  optimal  per¬ 
formance  they  seek  from  such  arrange¬ 
ments:  Managing  multiple  bills  and  setting 
up  the  routing  necessary  to  use  multiple 
ISPs  can  turn  into  a  headache. 

In  answering  that  concern,  Equinix  is 
launching  a  service  that  it  says  simplifies 
the  use  of  multihoming,  which  is  the  pro¬ 
cess  of  buying  bandwidth  from  multiple 
providers  and  using  the  best  performing 
link  at  any  given  moment.  Equinix  is  taking 
advantage  of  its  business  model, which  pro¬ 
vides  peering  points  for  more  than  100 
networks,  to  give  customers  easier  access 
to  multiple  ISPs. 

David  Passmore,  research  director  at  the 
Burton  Group,  says  the  service  puts  multi¬ 
homing  in  reach  of  more  companies. 

“Typically,  it’s  only  the  largest  enterprises 
that  can  afford  to  do  this  and  who  have  the 
skills  to  implement  [Border  Gateway 
Protocol],” he  says.“Equinix  makes  it  more 
of  a  turnkey  implementation  so  that  enter¬ 
prises  don’t  have  to  have  a  bunch  of  rocket 
scientists  on  staff  who  understand  how  to 


set  up  BGP  routing  tables.” 

Instead, customers  using  the  new  service, 
called  Equinix  Direct,  make  one  connec¬ 
tion  within  the  Equinix  data  center  and 
then  have  access  to  multiple  ISPs.They  use 
a  Web-based  portal  to  choose  service 
providers  and  direct  how  traffic  is  routed. 
Without  the  Equinix  Direct  service,  cus¬ 
tomers  would  have  to  establish  separate 
contracts  with  each  ISPsays  Jay  Adelson, 
Equinix’s  founder  and  CTO. 

Equinix  uses  patent-pending  BGP  de¬ 
vices  called  Equinix  Direct  Route  Servers 
(EDRS)  that  talk  to  customer  routers, 
telling  them  where  to  route  traffic. 

“Traffic  doesn’t  go  through  the  EDRS  box. 
It  listens  to  the  EDRS  box  and  determines 
where  to  go,"  Adelson  says. 

Adelson  says  that  customers  are  not 
required  to  commit  to  bandwidth  usage 
and  that  contract  lengths  are  only  30  days. 
At  the  same  time,  customers  get  bandwidth 
at  prices  30%  to  60%  lower  than  what  they 
would  get  if  they  contracted  directly  with 
the  ISPs,  and  only  one  bill  to  deal  with,  he 
says.  They  also  have  service-level  agree¬ 
ments  directly  with  participating  ISPs. 

Cost  per  megabit  varies,  and  customers 
pay  Equinix  a  port  fee,  which  is  $250  per 


month  for  10/100M  bit/sec  connections 
and  $500  per  month  for  a  Gigabit  port. The 
port  fees  are  waived  for  the  first  six  months, 
Equinix  says. 

Today,  15  service  providers,  including 
Level  3  and  Yipes  Communications,  are 
participating  in  the  service,  which  is  avail¬ 
able  in  Equinix’s  Washington,  D.C.,  and  San 
Jose  data  centers. 

More  service  providers  are  expected  to 
sign  on  and  the  service  will  be  rolled  out  in 
other  Equinix  data  centers  according  to 
customer  demand,  the  company  says. 
Equinix  already  has  10  customers  for  the 
service,  including  eBay/PayPa!  and 
Alloy.com.  ■ 


More  online! 

Try  a  demo  of  Equinix  Direct. 
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EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


Carriers  need 
to  think 
‘integration' 


I’ve  spent  the  past  few  weeks  in  discus¬ 
sions  with  IT  executives  about  their  ex¬ 
periences  with  service  providers. 

The  upshot  is  the  IXCs  are  in  trouble. 
The  big  problem  is  a  fundamental  mis¬ 
match  between  what  customers  are  asking 
for  and  what  service  providers  sell. 

What  most  IT  executives  want  from  their 
carriers  can  be  summed  up  in  one  word: 
integration.  “I’d  like  to  be  able  to  write  one 
contract  covering  my  global  voice  and  data 
services,  and  have  the  carrier  deliver  to  it,” 
one  executive  says. 

“Anytime,  anywhere  connectivity’’  says 
another. 

What  most  service  providers  sell,  how¬ 
ever,  is  bandwidth  —  bandwidth  that’s 
packaged  and  managed  and  protected  by 
a  service-level  agreement,  sure  —  but  still 
bandwidth. 

The  difference  between  integration  and 
packaged  bandwidth  is  the  difference 
between  fruit  salad  and  whole  fruit. 
Imagine  going  into  a  supermarket  for  fruit 
salad  and  being  directed  to  row  upon  row 
of  apples  and  pears, each  buffed  to  a  sheen 
and  lovingly  wrapped  in  tissue  paper  — 
but  not  chopped,  mixed  and  packaged  in 
an  airtight  plastic  container,  ready  to  serve 
to  the  12  dinner-party  guests  that  will  sit 
down  at  your  table  in  half  an  hour.  See  the 
difference? 

It’s  starting  to  get  critical  because  for  the 
first  time,  IT  shops  at  midsize  to  large  com¬ 
panies  are  starting  to  talk  seriously  about 
turning  away  from  the  WAN  services  IXCs 
offer  and  implementing  Internet-based 
VPNs  as  their  primary  WANs.  (Internet- 
based  VPNs  rely  on  encryption  technology 
across  the  Internet,  as  distinct  from  net- 
work-based  VPNs  based  on  services  from  a 
single  carrier  using  technologies  such  as 
Multi-protocol  Label  Switching.) 

Says  one  executive:“After  extensive  traffic 


analysis,  I  realized  that  the  majority  of  the 
traffic  on  my  WAN  is  external.  So  why 
should  1  pay  the  extra  money  to  transport 
this  traffic  over  my  internal  WAN?” 

This  executive  is  seriously  considering 
an  Internet-based  VPN,  and  he’s  not  alone. 
By  my  informal  estimate,  a  majority  of 
small  to  midsize  organizations  are  relying 
on  Internet-based  VPNs  for  their  services. 
As  the  bigger  companies  begin  to  go  this 
route,  service  providers  can  expect  margin 
compression  and  decreasing  revenue  for 
business  services  such  as  frame  relay 
and  ATM. 

Now  setting  up  and  configuring  an 
Internet-based  VPN  is  primarily  an  integra¬ 
tion  exercise.  You’re  buying  fruit  salad 
instead  of  fruit. 

At  first  blush,  this  might  not  look  like  such 
a  problem  for  the  IXCs  because  they’re  also 
the  major  Internet  providers:  The  revenue 
ends  up  in  their  pockets  either  way  But  that 
misses  the  point.  The  real  effect  is  on  ser¬ 
vice  provider  business  models. 

If  you  believe  what  you’re  selling  is  band¬ 
width,  your  entire  sales  and  operations 
divisions  are  optimized  around  selling, 
managing  and  monitoring  that  band¬ 
width.  If  you’re  selling  integration,  you 
focus  your  time,  effort  and  resources  on 
making  that  integration  as  seamless  as 
possible.  You  start  to  look  more  like  the 
new  IBM  (selling  primarily  services) 
instead  of  the  old  IBM  (selling  primarily 
hardware  and  software). 

Not  many  IXCs  have  made  the  leap.  And 
until  they  do,  they’ll  continue  to  struggle  . . . 
or  end  up  like  IBM’s  erstwhile  competitor, 
DEC,  which  never  did  figure  it  out. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com 


AT&T 

continued  from  page  29 
do  it,”  he  says. 

Although  the  Cisco  IP  PBX  setup  lets  cus¬ 
tomers  use  IP  phones  on  their  desktops,  the 
system  is  still  limited  to  H.323  support. 
Aibinder  says  AT&T  uses  Session  Ini¬ 
tiation  Protocol  (SIP)  signaling  at  the 
core  of  its  network,  but  now  products  are 
limited  to  the  H.323  protocol. 

SIP  is  considered  by  many  to  be  the 
preferable  technology  because  it  more 
quickly  and  efficiently  sets  up  and  tears 
down  calls.  WorldCom  has  supported  SIP 
gear  since  it  rolled  out  its  first  VoIP  services 
more  than  two  years  ago. 

While  the  core  of  AT&T’s  network  is 
based  on  SIP  Aibinder  says  AT&T  is  not 


married  to  any  one  standard  and  all  ser¬ 
vices  will  be  “backward  compatible.”  Al¬ 
though  AT&T  plans  to  offer  support  for  SIP- 
enabled  customer  premises  gear,  it  will 
continue  to  support  its  H.323  customers  in 
the  long  term,  he  says. 

“There  are  real  benefits  with  SIP’  says 
Vijay  Bhagavath,  analyst  at  Forrester  Re¬ 
search.  “It’s  one-tenth  as  complex 
as  H.323." 

AT&T  is  committed  to  supporting  SIP  so 
they  are  moving  in  the  right  direction,  but 
they  should  have  gotten  there  sooner,  he 
says.“WorldCom  has  leap-frogged  AT&T  in 
terms  of  its  SIP  based  services  and  (AT&T) 
has  to  treat  them  as  a  significant  competi¬ 
tor.  They  cannot  ignore  (WorldCom)  by 
saying  it’s  in  financial  trouble.” 

AT&T  declined  to  reveal  pricing.  ■ 


LARGEST  CAPACITY 

320  GB  -  60%  more  than  the  nearest  competitor!* 

HIGHEST  PERFORMANCE 

32  MB/s  -  Up  to  33%  faster!* 

LOWEST  COST  PER  GB 

Up  to  46%  lower!*  m 

bf 

PROTECTS  YOUR  INVESTMENT 

Backward  compatible  to  DLTtape™  IV  media 

IDEAL  FOR  AUTOMATION 

Best  combination  of  storage  density,  performance 
and  durability 


BROADEST  PLATFORM  ACCEPTANCE 

Over  2  million  drives  and  80  million  cartridges  sold 
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INDUSTRY-LEADING  ROADMAP 

First  with  a  path  to  over  one  terabyte 


and  100  MB/s* 


See  for  yourself  why  the  SDLT  320 
is  the  highest  performing  drive 
on  dry  land  today! 

Go  to  320reasons.com. 


'When  compared  to  LTO  1 ,  AIT-3  and  Mammoth  2  drives. 

Where  mentioned,  capacities  and  transfer  rates  are  compressed. 
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are  trademarks  and  the  Super  DLTtape  logo  is  a  registered  trademark  of 
Quantum  Corporation. 
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Riverstone  lowers  entry  bar  for 

Sub-$10K  per-port  cost  intended  to  create  demand,  spur  adoption. 


10G 


establish  a  new  entry  price. 

Riverstone’s  XGS  line  of  10G 
Ethernet  switches  are  priced  at 
just  less  than  $10,000  per  port  — 
one-third  the  cost  of  competing 
products  and  below  the  average 
cost  of  10  1G  bit/sec  Ethernet 
ports,  the  company  says.  By  pric¬ 
ing  the  switches  at  this  level,  the 
company  hopes  to  dismantle  a 
significant  barrier  to  10G  Ether¬ 
net  adoption  while  creating 
demand  for  its  products  in  a  fru¬ 
gal  market  that  does  not  yet 
require  10G  Ethernet  capacity, 
analysts  say 

“1  don’t  think  we  need  10G  at 
this  point;  what  would  you  do  with  it?” asks 
Michael  Kennedy,  principal  and  co¬ 
founder  of  Network  Strategy  Partners. 

Kennedy  says  it  could  be  used  to  aggre¬ 
gate  1G  bit/sec  metropolitan  Ethernet  ser¬ 
vices  once  service  providers  roll  out  those 
offerings. 


Riverstone's  new  gig 

Features,  functions  of  XGS  switches: 

160G  to  640G  bit/sec  switching  capacity. 

«  200  million  to  800  million  packet/sec 
forwarding. 

•  Half-rack  and  quarter- 
rack  configurations. 

Redundant  fabric 
and  CPU,  ‘‘hitless" 
failover  and  modular 
code  base. 


“But  that 
rollout  is 
very  evolution¬ 
ary  so  there’s  probably  not  a  lot  of 
demand  for  10G  bit/sec  capacity”  he  says. 

Riverstone’s  XGS  line  consists  of  two 
switches:  the  XGS  9016  and  the  XGS  9008. 
The  9016  is  a  half-rack,  16-slot  chassis  with 


320G  bit/sec  of  switching 
capacity  and  400M  packet/ 
sec  of  throughput  that’s  up¬ 
gradeable  to  640G  bit/ 
sec  and  800M  packet/sec 
with  a  second  fabric. 

The  9008  is  a  quarter- 
rack,  eight-slot  system  with 
160G  bit/sec  of  capacity 
and  200M  packet/sec  of 
throughput,  upgradeable 
to  320G  bit/sec  and  400M 
packet/sec  with  that  sec¬ 
ond  fabric.  Both  switches 
feature  Riverstone’s  Hitless 
Protection  System  soft¬ 
ware  for  resiliency  and 
Multi-protocol  Label  Switching  for 
traffic  engineering,  company  officials  say 
Knology,  a  service  provider  in  the 
Southeast,  is  beta-testing  the  XGS  systems 
for  deployment  in  a  video-on-demand  ser¬ 
vice  infrastructure. 

See  Riverstone,  page  35 


Internet  Photonics  unleashes  GSLAM 

Aggregation  system  designed  for  cable  operator  deadends  and  service  providers’  POPs. 


■  BY  JIM  DUFFY 


SANTA  CLARA  —  Riverstone  Networks 
this  week  will  enter  the  10G  bit/sec 
Ethernet  market  with  switches  designed  to 


■  Tellabs  recently  announced  that  it 
is  expanding  its  OEM  relationship  with 
White  Rock  Networks  by  investing 
in  the  company.  Under  the  arrange¬ 
ment,  Tellabs  will  market  and  sell  a 
customized  version  of  White  Rock's 
VLX2020  next-generation  SONET 
add/drop  multiplexer,  which  supports 
interfaces  ranging  from  DS-1  to  OC- 
192,  and  Ethernet.  Tellabs  also  now  will 
offer  a  customized  version  of  White 
Rock's  VLX1010,  a  wavelength  division 
multiplexing  platform  that  supports  a 
migration  from  coarse  WDM  to  dense 
WDM  for  customers  requiring  greater 
capacity.  The  companies  also  are 
working  to  develop  interoperability 
between  the  customized  White  Rock 
products  and  Tellabs'  6400  transport 
switch,  6500  transport  switch  and 
5500  digital  cross-connect.  They  also 
are  jointly  pursuing  Operations  Sys¬ 
tems  Modifications  for  the  Integration 
of  Network  Elements  certification  and 
a  combined  management  system 
product.  To  underscore  the  expanded 
relationship,  Rob  Pullen,  Tellabs' 
senior  vice  president  of  North  Amer¬ 
ican  sales,  will  serve  on  White  Rock's 
board  of  directors. 

■  WaveSmith  Networks  last  week 
extended  its  DN  multiservice  edge 
switches  with  Multi -protocol  Label 
Switching  capabilities  and  unveiled 
three  additions  to  the  line:  the  DN 
8100  multiservice  switch;  the  Multi¬ 
service  Forwarding  Module  for 
all  DN  switches;  and  MPLS  software 
that  runs  on  the  MSFM  and  on  the 
existing  packet  forwarding  module. 
Pricing  for  the  new  products  was  not 
disclosed.  They  are  expected  to  be 
available  in  the  fourth  quarter. 


■  BY  JIM  DUFFY 

MARLBOROUGH,  MASS.  —  Internet  Pho¬ 
tonics,  a  developer  of  optical  Ethernet  and 
10G  bit/sec  metropolitan  transport  sys¬ 
tems,  last  week  announced  a  high-end 
aggregation  and  switching  system. 

The  company’s  LightStack  Gigabit  Ser¬ 
vices  Line  Access  Multiplexer  (GSLAM)  is 
designed  to  aggregate,  switch  and  multi¬ 
plex  services,  including  managed  ser¬ 
vices,  over  any  fiber  facility  without  dis¬ 
rupting  existing  traffic.  The  system  inte¬ 
grates  optical  transport,  access  service 
aggregation,  switching  and  add/drop  mul¬ 
tiplexing  functions  in  one  device,  and  can 
support  64  Gigabit  Ethernet  connections 
per  chassis  and  256  per  fiber  for  cable 
headend  and  service  provider  point-of- 
presence  applications. 

The  LightStack  GSLAM  is  a  nine  rack- 
unit  chassis  with  eight  service  module 
slots. The  platform’s  fabric  allows  aggrega¬ 
tion  and  switching  of  any  port  to  any  port, 
Internet  Photonics  says. 

Two  service  modules  are  available:  an 
eight-port  Gigabit  Ethernet  module  and  a 


single-port  10G  bit/sec  dense  wavelength 
division  multiplexing  (DWDM)  trunk 
module.  The  eight  Gigabit  Ethernet  con¬ 
nections,  each  with  its  own  “circuit-like” 
subchannel  for  low  latency  and  jitter,  are 
multiplexed  onto  one  10G  bit/sec  DWDM 
wavelength. 

The  LightStack  GSLAM  also  features 
Internet  Photonics’  SONET  WrapAround 
technology,  which  inserts  optical  Ethernet 
services  onto  the  same  fiber  as  SONET/ 
synchronous  digital  hierarchy  (SDH)  ser¬ 
vice  traffic  using  different  wavelengths 
and  without  disrupting  existing  traffic.The 
system  also  can  provide  network  fault 
detection  and  protection  switching  within 
50  microsec,  Internet  Photonics  says, 
which  is  1,000  times  faster  than  SONET/ 
SDH’s  50-millisec  recovery. 

The  LightStack  GSLAM  can  be  used  with 
Internet  Photonics’  existing  LightStack  MX 
and  MXA  transport  and  access  platforms 
deployed  in  remote  hub  sites  or  premises. 
The  system  already  is  deployed  in  a  large 
cable  operator  network  and  is  in  trials  with 
another  operator.  Currently,  it  also  is  under¬ 
going  the  Telcordia  Operations  Systems 


Modifications  for  the  Integration  of 
Network  Services  Process, a  prerequisite  for 
sales  to  incumbent  local  exchange  carriers 
and  regional  Bell  operating  companies. 

Separately  Internet  Photonics  announced 
that  Cablevision  is  deploying  more  than 
200  of  the  company’s  optical  Ethernet  and 
WDM  transport  platforms  in  its  video-on- 
demand  network.  The  operator  has  com¬ 
pleted  deployment  in  eastern  Long  Island, 
in  New  Jersey  and  in  the  New  York- 
Connecticut  area  for  service  that  will  reach 
3  million  homes,  Internet  Photonics  says.  M 


More  online! 


Read  more  details  about 
the  Internet  Photonics  architect .urn. 
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industry-standard  technology 
such  as  Intel1  Xeori"  processors. 


Dell  J  Enterprise 

In  a  recent  Dell  test,  running  Oracle®  9/ on  a  Dell  server  solution  had  anywhere  from  a  3x  to  8x  price/performance  advantage  over  Sun.1 

Whether  using  an  Intel®  Xeon”  processor-based  4P  PowerEdge”  6650  or  2P  PowerEdge  2650,  the  Dell  solution  was  faster  and  less  expensive  than 
a  Sun  Fire  V480  solution.  To  see  complete  test  results,  go  to  www.dell.com/migration12. 

There’s  little,  if  any,  debate:  Migrating  from  UNIX  to  a  standards-based  solution  lowers  TCO.  The  real  questions  are  "Flow  does  it  perform?/  "How 
much  will  it  lower  TCO?"  and  "Who  do  we  turn  to?”  Well,  when  you  migrate  to  open  standards,  remember  this:  Dell  gives  you  both  mind-bending 
performance  and  unparalleled  expertise,  at  a  TCO  so  small  you'll  need  a  microscope  to  find  it.  And  the  entire  solution  is  backed  by  enterprise 
level,  24/7  service  and  support. 

The  migration  is  on.  Find  out  how  you  can  make  the  most  of  it  for  your  organization.  Call  1-877- 440 -DELL,  or  go  to  the  Dell  UNIX  Migration  online 
calculator  at  www.dell.com/migration12  to  see  how  a  Dell  solution  can  lower  your  migration  costs  and  help  simplify  the  transition. 


Get  more  out  of  your  enterprise  for  less.  Easy  as 


D0LL 


Clickwww.dell.com/migration12  Call  1-877-440-DELL 

toll  free 
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Apptix  raises  autoprovisioning  platform 


■  BY  JENNIFER  MEARS 

STERLING,  VA.  —  Apptix,  a  spinoff  of 
application  service  provider  Telecom¬ 
puting,  last  week  unveiled  upgrades  to 
its  automated  provisioning  platform  to 
make  it  easier  for  service  providers  to 
offer  applications  on  demand. 

The  updates  to  Apptix’s  Tecos  4.0  plat¬ 
form  include  tighter  integration  with 
Microsoft  .Net,  which  is  designed  to 
make  it  easier  to  add  Microsoft  applica¬ 
tions  to  the  provisioning  framework. The 
upgrades  also  include  centralized  man¬ 
agement  for  a  wider  range  of  imple¬ 
mentations  so  service  providers  can 
deliver  applications  not  only  from  a 
shared  infrastructure,  but  also  from  ded¬ 
icated  servers  and  customer  premises 
installments. 

Tecos  is  the  platform  that  ASP  Tele¬ 
computing  uses  to  deliver  software  as  a 
service.  Last  year,  Telecomputing,  which 
was  founded  in  1997  in  Oslo,  Norway, 
and  still  operates  as  an  ASP  in  Europe, 
spun  off  Apptix  in  the  U.S.so  it  could  fo¬ 
cus  on  letting  service  providers  become 
ASPs.  Since  then,  Apptix  has  struck  up 
partnerships  with  Microsoft  and  HP  and 
its  customers  include  Digex  and  XO 
Communications. 

With  Tecos,  Apptix  offers  an  opera- 
tions-support  system  platform  that  ser¬ 
vice  providers  can  use  to  manage 
billing  and  other  business  processes 
associated  with  the  delivery  of  hosted 
applications.  Applications  are  delivered 
through  portals  that  the  service  provider 
brands.  Tecos  lets  service  providers  roll 
out  a  hosted  application  in  as  little  as  30 
days  and  avoid  the  high  upfront  costs 
they  would  incur  if  they  had  to  build  a 
provisioning  platform  themselves,  App¬ 
tix  executives  say. 

Tecos  4.0  gives  service  providers  more 
flexibility  in  how  they  manage  and 
deliver  applications  because  of  its 
tighter  integration  with  Microsoft  provi¬ 
sioning  and  Web  services,  says  Alex 
Hawkinson,  Apptix  CEO.  A  service  pro¬ 
vider  can  manage  a  dedicated  de¬ 
ployment  and  a  shared  deployment 


from  one  management  interface,  he 
says.  And  because  Tecos  4.0  is  fully  inte¬ 
grated  with  the  Microsoft  Provisioning 
System,  service  providers  more  easily 
can  customize  how  applications  are 
delivered. 

That’s  a  big  reason  why  Digex  chose 
Apptix  to  provide  the  framework  for 
delivering  its  hosted  Microsoft  Ex¬ 
change  service. 


Serving  software 

In  2002,  customers 
spent  more  than 

$2.3  billion 

on  software  as  a 
service.  IDC  expects 
the  market  to  reach 

$8  billion 

in  2007. 


“We  liked  the  strength  of  their  plat¬ 
form,  how  it’s  tied  into  Microsoft  .Net 
and  how  we  can  customize  that  plat¬ 
form  and  then  create  our  own  messag¬ 
ing  solution,”  says  Bobby  Patrick,  chief 
marketing  officer  for  Digex.  “Tecos  4.0 
allows  us  to  further  customize  our 
unique  offering  on  top  of  their  software.” 

Digex  is  using  Tecos  to  deliver  the  hosted 
Exchange  service  it  rolled  out  earlier  this 
year.  It  plans  to  begin  using  the  Tecos  4.0 
platform  by  the  end  of  the  summer. 

“There  will  be  new  service  levels  that 
are  more  customized  around  unique 
business  needs  vs.  today  the  service  lev¬ 
els  are,  ‘Do  you  want  the  wireless  op¬ 
tions  or  not?”’  Patrick  says.  “  [With  Tecos 
4.0]  we’ll  be  able  to  talk  about  how  we 
can  tie  messaging  into  our  customers’ 
businesses  better.” 

Amy  Levy,  a  senior  analyst  with  Summit 
Strategies,  says  Apptix  is  giving  service 
providers  what  they  need  to  be  success- 


Riverstone 

continued  from  page  33 

“We’re  looking  at  the  ability  to  aggre¬ 
gate  high-speed  data  customers  and 
[video-on-demand]  applications  over  a 
large  pipe,”  says  Bradley  Frye,  data  ser¬ 
vices  manager  at  Knology.“What  we  saw, 
we  liked." 

However,  Riverstone’s  XGS  switches  are 

View  from 
The  Edge 
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missing  some  features  Knology  needs, 
such  as  access  control  lists  and  specific 
ways  to  configure  Layer  3  interfaces 
with  Riverstone’s  SmartTrunk  link  aggre¬ 
gation  applications,  Frye  says. 

But  Riverstone  and  other  10G  Ethernet 
suppliers  might  be  facing  more  daunt¬ 
ing  challenges,  even  at  $10,000  per  port. 

“Will  actual  buyers  see  the  need  for 
this,  or  will  they  basically  just  continue 
to  buy  1G  bit/sec  and  wait  and  see  on 
the  10G  bit/sec?”  Network  Strategy 
Partners'  Kennedy  asks. 

The  9016  costs  $33,000,  while  the  9008 
costs  $19,980.  Both  will  be  available 
in  June.  ■ 


ful  delivering  software  as  a  service. 

“The  big  improvement  [in  Tecos  4.0]  is 
flexibility  in  terms  of  the  types  of  cus¬ 


tomers  that  service  providers  can  sup¬ 
port  and  the  types  of  applications  they 
can  support,”  she  says.  ■ 
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Get  on  the  fast  track  to  migration 


Visit  www.dell.com/migration12  and  go  to  the  Dell  UNIX  Migration  online  calculator  for  a 
free  migration  assessment.  A  Dell  UNIX  migration  solution  comes  complete  with  end-to-end 
Fast  Track  Migration  services  covering  applications  such  as  Oracle,  C/C++,  Sybase  to  SQL 
Server,  Java  and  a  full  range  of  Web  applications. 


Call  1-877-440 -DELL  today  to  speak  with  a  Dell  representative.  Together,  you  can  assess 
your  individual  needs  and  then  develop  a  cost-effective  plan  for  UNIX  migration. 


Easy  as 


Call  1  - 877- 440  -  DELL 

toll  free 

Click  www.dell.com/migratior!  T 
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the  Power  of  Networking  Innovation 
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at  NetWorld+Interop 


Be  part  of  the  one  can't-miss  event  for  serious 
networking  and  IT  professionals. 

NETWORLD+INTEROP  LAS  VEGAS  2003 

Networking  is  changing  faster  than  any  segment  of  the  information 
world,  and  transforming  the  way  we  develop  and  deploy  applications. 
NetWorld+Interop  is  the  one  event  that  gives  you  the  chance  to  see  the 
latest  products  and  solutions  while  you  meet  with  the  best  and  brightest. 


In  Las  Vegas  this  spring  you'll  find  the  ultimate  networking 
experience  and  real-world  solutions  in  these  key  areas: 


or  call  888-886-4057. 


NOTE:  Please  use  Coupon  Code  493  and  Priority  Code  NTMG5  when  registering. 

NETWORLD+INTEROP 

•  APRIL  27-MAY  2,  2003  EXHIBITION:  APRIL  29-MAY  1,  2003  LAS  VEGAS  CONVENTION  CENTER 
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SHAPING  YOUR  NETWORK 


WebDAV  secures  collaboration 


HOW  IT  WORKS 


WebDAV 


WebDAV  is  an  extension  of  HTTP  that  lets  users 
collaboratively  edit  and  manage  files  on  remote 

Web  server 


on 


By 


Firewall 


on 


on 

71  d ' 

Archives 

yP  s.—.y 

□n 

PH 


E-mail 

server 


Publishing 


Document 

management 


O  User  accesses 
WebDAV  file  via 
an  application, 
browser  or  file 
explorer. 


©  The  file  can  be 
accessed  over 
any  type  of  net¬ 
work  connection, 
including  VPN, 
dial-up  and 
Internet. 


©  Secure  ©  The  server  enforces  permissions  and 
Sockets  responds  to  requests  such  as 

Layer,  a  VPN  opening/editing  files,  browsing  the 
or  dedicated  directory,  creating/renaming  files  or 
line  secures  deleting  or  copying  files, 
file  transfer.  Any  number  of  users  can  access  and 
edit  the  same  file  securely. 


■  BY  LISA  DUSSEAULT 

Web-based  Distributed  Authoring  and 
Versioning  is  an  extension  of  HTTP  that 
lets  users  collaborate  via  the  Internet.The 
Internet  Engineering  Task  Force  approved 
it  as  a  standards-track  specification  in 
1998,  and  it  has  been  deployed  widely  on 
multiple  platforms  and  in  applications 
from  many  vendors. 

WebDAV  can  be  found  in  Web  servers 
such  as  Apache  and  Microsoft  Internet 
Information  Server  and  now  is  also  sup¬ 
ported  by  leading  document  and  content 
management  vendors.  WebDAV  functional¬ 
ity  also  is  embedded  in  common  desktop 
operating  systems,  including  Windows  and 
Mac  OS  X,  and  popular  applications  from 
Adobe,  Lotus,  Microsoft  and  others. 

So  why  all  the  support  for  this  lesser- 
known  sibling  of  HTTP?  The  protocol 
adds  new  features  that  let  users  access 
and  edit  files  via  the  Internet.  Simply  put, 
this  allows  for  easy  and  secure  collabora¬ 
tion  from  any  Internet  location. 

A  user  editing  a  document  stored  on  a 
WebDAV  server  can  lock  the  file  and  pro¬ 
tect  it  from  anyone  overwriting  those 
changes.  WebDAV  version  control  also 
makes  it  possible  for  users  to  know  which 
version  of  a  file  is  the  most  current,  mini¬ 
mizing  confusion. 

WebDAV  access-control  lists  provide  ad¬ 
vanced  control  over  read,  write  and  shar¬ 
ing  permissions  for  every  file,  further  im¬ 
proving  system  security  Analysts  recently 
have  suggested  that  the  file  management 
features  in  WebDAV  can  make  it  a  cost- 
effective  alternative  to  traditional  docu¬ 
ment  management  products. 

WebDAV  imposes  a  common  data 
model  that  includes  collections,  resources, 


locks  and  properties,  and  defines  a  com¬ 
mon  syntax  using  HTTP  messages  with 
custom  methods,  headers  and  bodies. 

Extending  HTTP  WebDAV  defines  several 
methods  for  file  management,  such  as 
Copy  and  Move,  and  Mkcol  for  creating 
new  Web  folders. 

The  Lock  and  Unlock  methods  let  a 
document  be  protected  while  the  author 
makes  changes.  The  Propfind  and 
Proppatch  methods  let  folders  be  browsed 
and  offer  flexible  management  of  meta¬ 
data.  All  these  methods  operate  on  HTTP 


resources,  so  any  Web  server  that  supports 
WebDAV  provides  an  integrated  system 
for  secure  authoring. 

Consider  a  few  scenarios  that  WebDAV 
was  built  to  address: 

•  A  sales  team  working  from  remote 
offices  or  while  traveling  needs  to  access 
information  about  their  company’s  latest 
product  release.  This  information  (price 
sheets,  screenshots  and  Flash  demos)  is 
stored  in  a  common  location  on  the  com¬ 
pany’s  WebDAV-compatible  server.  Al¬ 
though  the  sales  team  members  use  differ¬ 


ent  applications  and  network  access  meth¬ 
ods,  they  can  each  use  HTTP  and  WebDAV 
to  view  and  customize  the  sales  materials 
for  their  own  purposes,  often  without  leav¬ 
ing  their  standard  desktop  applications. 

•  A  hospital  needs  to  ensure  that  patient 
information  exchanged  between  doctors 
and  technicians  is  more  secure. They  real¬ 
ize  that  e-mail  attachments  no  longer  meet 
compliance  requirements  and  attach¬ 
ments  are  becoming  too  large  to  share 
easily  They  choose  a  WebDAV-compatible 
server  to  manage  their  patient  files  so  par¬ 
ticipants  can  exchange  secure  links  to  the 
files,  instead  of  file  attachments.  All  file  ac¬ 
cess  can  be  authenticated  against  the  hos¬ 
pital’s  Lightweight  Directory  Access  Pro¬ 
tocol  server,  and  all  file  transmissions  are 
encrypted  in  Secure  Sockets  Layer,  improv¬ 
ing  system  compliance. 

Most  users  can  identify  with  the  frustra¬ 
tions  of  not  being  able  to  access  informa¬ 
tion  when  they’ve  needed  it  or  trying  to 
collaborate  via  e-mail.  FTP  could  help  ad¬ 
dress  these  issues,  but  most  users  find  it 
too  complex,  and  it  doesn’t  provide  the 
security  benefits  of  WebDAV  that  many  IT 
managers  have  grown  to  appreciate. 

So,  where  is  WebDAV  headed?  It’s  quite 
possible  that  WebDAV  will  remain  almost 
invisible  to  most  users  as  it  becomes  part 
of  everyday  applications.  The  protocol  is 
fulfilling  its  promise  of  extending  current 
file  systems  beyond  the  LAN  to  include 
just  about  any  user  or  resource  on  the 
Internet. 

Dusseault  is  director  of  server  develop¬ 
ment  at  Xythos  Software  and  the  ccxhair 
of  the  WebDAV  Working  Group  at  the 
Internet  Engineering  Task  Force.  She  can 
be  reached  at  ldusseault@xythos.com. 


Dr.  Internet 


By  Steve  Blass 


We  downloaded  a  Windows  network  sniffer  pro¬ 
gram  as  suggested  in  your  Aug.  28, 2000,  column 
(www.nwfiision.com,  DocFinder:  5029)  to  trou¬ 
bleshoot  a  network  slowdown.  Now  what9  We  see 
the  results,  but  without  some  idea  of  what  we're 
looking  for  it's  like  reading  a  foreign  language. 

After  selecting  the  default  network  adapter  from 
the  setup  menu,  go  to  the  Captures  menu  and 
choose  Begin.  Click  the  Start  button  in  the  pop-up 


dialog.  Let  the  capture  continue  until  you  observe 
the  network  symptoms  you  are  troubleshooting, 
then  click  the  Stop  button.  The  program  displays  a 
spreadsheet  with  columns  for  destination  and 
source  media  access  control  addresses,  IP  ad¬ 
dresses,  and  a  summary  identifying  TCP/User 
Datagram  Protocol  (UDP)  port  numbers  and  pro¬ 
tocol  information.  Click  the  IP  address  column 
labeled  Network  to  sort  the  data  by  IP  connection. 
Look  for  the  IP  addresses  of  the  machines  giving 


you  trouble.  Scan  through  the  summaries,  looking 
for  sudden  changes  such  as  unanswered  or  re¬ 
peated  requests  that  coincide  with  the  communi¬ 
cations  slowdown.  Experiment  with  the  Advanced 
Filter  settings  in  the  startup  dialog  to  narrow  the 
search  for  subsequent  captures. 

Blass  is  a  network  architect  at  Change@Work  r 
Houston.  He  can  be  reached  at  dr.  interne! 
changeatwork.  com. 
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Centralized  configuration  database”  is 
Microsoft’s  long  and  rather  more  for¬ 
mal  way  of  saying  “registry”  —  that 
somewhat  eccentric  hierarchical  data¬ 
base  that  now  has  a  pivotal  role  in 
Windows  architecture. 

We’ve  discussed  some  registry  details  in 
the  past,  but  this  week  we’ll  take  a  closer 
look  at  how  the  whole  registry  thing  is  put 
together. 

First,  where  did  the  registry  come  from? 
Microsoft  introduced  it  in  Windows  95  to 
get  away  from  INI  file  hell.  Back  in  Win¬ 
dows  3.X  days,  system  settings  were  stored 
in  dozens  of  separate  INI  files,  and  figuring 
out  which  setting  was  stored  where  could 
be  difficult.Thus  it  was  that  Microsoft,  in  its 
wisdom,  invented  something  even  more 
complicated:  the  registry 
Note  that  not  all  applications  store  all  of 
their  settings  in  the  registry  —  some  appli¬ 
cations  ignore  it!  So  now  we  have  the  reg¬ 
istry  (a  nightmare  in  and  of  itself)  as  well  as 
configuration  files.  Oh  joy 


Windows  registry  magic 


So  is  life  better?  Arguably  it  is  because 
you  can  back  up  the  registry  and  be  pretty 
certain  that  most  of  your  key  settings  are 
safe.  On  the  other  hand,  the  registry  is  frag¬ 
ile,  and  if  it  should  get  damaged  you  could 
be  in  for  a  miserable  time.  Your  system 
might  not  start,  only  partially  start  or  be 
unstable  in  one  of  those“I  know  something 
is  wrong  with  this  computer  but  I’m 
damned  if  I  know  what  it  is”  kind  of  ways. 
Such  is  the  magic  of  Windows. 

Microsoft  has  turned  the  registry  into  a 
mysterious  object  that  it  says  is  best  left  to 
uber-geeks.  But  let’s  get  real:  Messing  with 
the  registry  is  as  dangerous  as  messing 
with  the  file  system.  Just  treat  it  with  the 
respect  it  deserves.  Anyway,  let’s  talk  about 
how  the  registry  is  organized, and  in  doing 
so  we’ll  focus  on  Windows  XP  and  2000. 

At  its  heart,  the  Windows  registry  is  a 
hierarchical  database.  Under  the  root  of 
registry  hierarchy  —  called  My  Computer 
—  are  root  keys  that  are  like  subdirecto¬ 
ries  and  they  can  contain  subkeys  (sub¬ 
subdirectories)  and  values.  Subkeys  also 
can  contain  further  subkeys  and  values. 
Finally,  values  have  names  (any  characters 
other  than  “\”,“*”or“?”),  types  (which  we’ll 
get  to  in  a  second)  and  data. 

You  will  note  that  all  root  key  names 
start  with  HKEY  There  is  an  extremely 
geeky  reason  for  this:  The  root  key  names 


are  Win32  (that’s  Windows  32-bit)  handles 
(that’s  the  “H”  part)  to  keys  (“KEY”). 

Root  key  is  an  understandable  concept 
but  these  entities  also  are  called  root  han¬ 
dles,  which  is  reasonable  because  they 
are,  indeed,  handles.  But  they  also  are 
called  hives,  which  is  not  reasonable  and 
merely  adds  gratuitous  obfuscation  for  no 
apparent  reason.  Such  is  the  magic  of 
Microsoft  development. 

The  root  keys  divide  the  registry  data 
into  categories  —  note  that  you  can’t  add 
new  root  keys  or  delete  existing  ones. 
Here  are  the  root  keys: 

•HKEY_CURRENT_USER:  data  associ¬ 
ated  with  the  currently  logged-on  user. 

•HKEYJJSERS:  information  about  all  the 
accounts  on  the  machine. 

■HKEY_CLASSES_ROOT:  file  association 
and  Object  Linking  and  Embedding  regis¬ 
tration  information. 

•HKEY_LOCAL_MACHINE:  system-relat¬ 
ed  information. 

•HKEY_CURRENT_CONFIG:  information 
about  the  current  hardware  profile. 

The  values  stored  under  keys  are  either 
the  default,  “value  not  set,”  or  one  of  the 
following  data  types  (note  that  only  the 
first  five  values  were  used  in  Windows  ver¬ 
sions  before  Windows  2000): 

•REGJ3INARY:  binary  data. 

•REG_SZ:  a  fixed-length  string. 
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■REG.DWORD:  a  4-byte  (DWORD)  value. 

•REG_MULTI_SZ:  multiple  REG_SZ 
strings. 

•REG_EXPAND_SZ:  an  expandable 
string. 

•  REG_DWORD_LITTLE_ENDl AN :  same 
as  REG_DWORD. 

•REG_DWORD_BIG_ENDIAN:  a  32-bit 
number  with  the  most  significant  byte  is 
the  rightmost,  or  low-order,  byte.  (Opposite 
of  the  order  of  REG_DWORD  and 
REG_DWORD_LlTTLE_ENDIAN.) 

•REGJJNK:  a  symbolic  link  between  sys¬ 
tem  or  application  data  and  a  registry 
value. 

•REG_FULL_RESOURCE_DESCRIPTOR: 
nested  arrays  designed  to  store  a  resource 
list  for  a  hardware  component  or  driver. 

■REG_RESOURCE_LIST:  a  group  of 
REG_FULL_RESOURCE_DESCRIPTOR 
values  for  device  configuration. 

•REG_RESOURCE_REQUlREMENTS_DE 
SCR1PTOR:  binary  list  of  required 
resources  for  a  device. 

There  also  are  unused  data  types  such 
as  REG_NONE  (a  value  with  no  data)  and 
a  series  that  starts  REG_Q  instead  of 
REG_D  for  64-bit  values  for  some  future 
64-bit  version  of  Windows. 

Fair  makes  your  head  spin  doesn’t  it? 

Cries  of  “mercy!"  to  gearhead@gibbs.com. 


Cool  Too 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


After  some  time  off  and  traveling  to  trade  shows,  we’ve 
acquired  a  backlog  in  the  Cool  Tools  Testing  Labs 
(also  known  as  my  cube).  Here’s  a  roundup  of  new 
products  that  win  the  Cool  Tools  Seal  of  Approval: 

Skullcandy's  Link 

This  cool  company  has  created  an  awesome 
set  of  headphones  (street  style,  behind-the- 
head)  that  takes  the  cord  and  splits  it, so 
that  you  can  connect  to  an  audio 
player  (digital  or  otherwise)  and  a 
cell  phone  at  the  same  time.  A  com¬ 
bination  volume  control/  micro¬ 
phone  clips  onto  your  shirt.  If  a  call 
comes  in  when  you’re  listening  to 
music,  you  can  press  a  button  on 
the  cord  to  answer  the 
phone.  The 


Si 

Link  le’3  you 

com.  phone 
and  auu  .layer 
at  same  i  -.e. 


The  latest  cool 


music  continues  to  play  in  the  background 
(only  you  can  hear  it,  not  the  caller),  and  you 
can  use  the  volume  control  to  lower  the  sound 
It’s  a  great  value  at  $30.  Go  to  the  Skullcandy  Web  site 
(www.skullcandy.com)  to  order. 

loplus  PocketDisk 

We’ve  seen  lots  of  USB-based  flash  memory  personal  stor¬ 
age  devices,  but  check  this  one  out. The  FbcketDisk  comes 
in  sizes  ranging  from  the  $23  16M-byte  version  up  to  the 
$290  512M-byte  version. We  received  the  128M-byte  version 
($60), and  found  it  a  nice  replacement  for  the  floppy  disk. 
The  FbcketDisk  also  comes  with  two  interesting 
features  —  the  ability  to  add  a  password  so 
that  you  can  protect  the  data  on  the  drive, 
and  a  tiny  external  “slide  lock”  on  the 
physical  device  that  lets  a  user  “lock 
down”  the  data  on  the  drive.  With  the 
lock  enabled,  a  user  can’t  erase  data 
stored  on  the  device.  It 
reminded  me  of  the 
hard  plastic  lock¬ 
ing  mechanism 
you  once  found  on 
a  3.5-inch  floppy  disk. 

Toshiba  Satellite  Pro  notebook 

Finally, we  will  be  sad  to  say  goodbye 
to  our  Toshiba  Satellite  Pro  notebook 
(6100  series,  starts  at  $1,458)  with  dual, 
integrated  802.11a  and  802.11b  capa¬ 
bilities  built  in.  It  had  a  Mobile  Intel 
Pentium  4  Processor  with  2.0  GHz, 
and  SDRAM  up  to  1G  byte. 


stuff  from  our  labs 

The  Satellite  Pro  comes  with  802.11a,  802.11b 
and  integrated  wireless  capabilities. 

While  the  notebook  was  heavy  to  carry  on  trips 
(the  price  to  pay  for  having  the  integrated  DVD  drive 
to  watch  movies),  this  was  a  good  notebook  to  have  as  a 
portable  desktop  replacement.  Integrated  wireless  capabili¬ 
ties  meant  not  having  to  lug  around  another  PC  card  (no 
matter  how  light,  it’s  still  extra  equipment),  and  we  were 
able  to  quickly  scan  and  connect  to  wireless  networks. 

ZyXEL  ZyAIR  wireless 

We  get  a  lot  of  small  office/home  office  wireless  LAN 
equipment,  and  1  was  expecting  another  somewhat  diffi¬ 
cult  installation  when  1  tested  the  ZyAIR  802.1  lb  wireless 
LAN  equipment  from  ZyXEL.  I  was  pleasantly  surprised 
when  the  installation  at  a  colleague’s  home  was  easy, 
despite  installing  it  on  different  machines  with  different 
operating  systems  (including  Windows  98). 

We  were  able  to  easily  install  the  ZyAlR-B-2000  four-port 
router  ($160),  which  let  us  connect  an  Ethernet-enabled 
desktop  to  the  gateway,  while  providing  wireless  access  to 
a  second  desktop  upstairs, and  to  a  notebook.  We  took  the 
second  desktop  and  connected  it  to  the  network  via  the 
ZyAIR  B-200  ($70),  a  USR-enabled  network  adapter.  Our 
notebook  connected  to  the  wireless  network  via  the 
ZyAIR  B-100  PC  Card  ($70).  It’s  good  to  see  vendors  taking 
an  active  interest  in  home  users,  especially  with  set-up 
software  getting  easier  to  use. 

The  ZyXEL  gear  also  had  some  advanced  security  fea¬ 
tures,  including  support  for  802. lx  authentication.  Com¬ 
panies  that  want  their  teleworkers  to  have  secure  equip¬ 
ment  that’s  still  easy  to  use  should  consider  ZyXEL 


Shaw  can  be  reached  at  kshaw@nww.com. 
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Wave  goodbye  to 

wireless  security  problems. 

What's  making  you  insecure  at  work?  Your  wireless  network? 

No  problem.  NETGEAR®  knows  how  to  send  security  problems 
packing,  with  powerful,  affordable  business-class  firewalls. 

Take  the  unique  FVM3 1  8.  This  broadband  802. 1  1  b  wireless 
VPN  firewall  blocks  the  gaps  in  WEP  encryption  with  the  first 
implementation  in  its  category  of  the  government-approved 
Advanced  Encryption  Standard  (AES).  The  FVM31  8  is  a  complete 
solution,  initiating  up  to  70  WAN-based  IPSec  VPN  tunnels 
and  up  to  32  IPSec-based  WLAN  VPN  (3DES  or  AES)  tunnels. 

No  additional  hardware  or  software  is  needed  for  operation  as 
with  competitive  solutions. 

The  FVM31  8  is  also  painless  to  set  up,  thanks  to  NETGEAR's 
Smart  Wizard,  Web-based  configuration  screen  and  Install 
Assistant.  And  it's  backed  by  a  three-year  warranty  and  24/7 
technical  support.  All  of  which  should  give  you  a  wave  of  relief 
regarding  wireless. 

For  product  details,  visit  www.nefrgear.com/go/fvm318a. 
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EDITORIAL 

John  Dix 


IP  PBX  debate 
brings  on 
fireworks 


The  back  and  forth  at  the  Network  World  IP  PBX 

Showdown  at  the  Voice  on  the  Network  conference 
in  San  Jose  last  week  was,  in  a  word, spirited. 

The  goal  of  the  presidential-style  debate  —  hosted  by 
yours  truly  and  Mike  Hommer,  manager  of  consulting  for 
Miercom  —  featured  speakers  from  Alcatel,  Avaya,  Cisco, 
Mitel  and  Nortel.  Here  are  some  outtakes: 

•  Tony  Pereira,  director  of  enterprise  solutions  market¬ 
ing  at  Nortel,  asked  Bill  King,  Cisco  technical  marketing 
manager,  how  Cisco  can  keep  up  given  “we’re  building  to 
the  future  and  you’re  trying  to  catch  up  to  stuff  we  al¬ 
ready  have.”  King  said  there  are  some  features  Cisco  will 
never  add,  like  support  for  rotary  phones,  but  admitted 
there  is  a  shortfall  and  “we  are  addressing  the  feature  gap. 
We’re  investing  heavily.  Our  R&D  spending  is  as  high  as 
Avaya’s  total  revenue.” 

•  Avaya  encrypts  packets  at  the  phone,  making  for  a 
secure  environment,  so  we  asked  Alcatel  about  its 
security  story.  Jeanne  Bayerl,  director  of  product  mar¬ 
keting,  said  the  real  issue  is  availability,  keeping  your 
call  controller  from  getting  hacked.  Alcatel, she  said, 
has  that  licked. 

•  Cisco’s  King  asked  why  a  lot  of  Avaya  bids  are  TDM 
with  a  little  IP  thrown  in,  even  in  greenfield  installations. 
Avaya’s  Mack  Leathurby,  director  of  converged  system 
and  unified  communication  applications,  came  back: 
“Customers  typically  have  lots  of  legacy  gear  in  other 
offices,  and  this  hybrid  approach  is  the  easiest  way  to 
support  it.” 

•  Avaya’s  Leathurby  to  NorteLYou  sold  off  your  CRM 
company  so  how  do  you  address  questions  about  cus¬ 
tomer  contact  centers?  Pereira: “Our  contact  solution  is  as 
good  as  yours,  probably  a  little  better.  Our  professional 
services  organization  will  work  with  customer  and  third- 
party  vendors  to  address  any  and  all  needs.” 

•  Mitel’s  Christian  Szpilfogel,  director  of  product  line 
management,  accused  Cisco  of  not  playing  fair: “You  own 
the  Layer  2  and  3  switch  market,  and  we  want  to  make 
sure  our  systems  work  in  that  environment,  but  you  won’t 
give  up  things  like  the  Cisco  Discovery  Protocol. We  have 
to  reverse  engineer  that  to  use  inline  power  in  Cisco  envi¬ 
ronments.  Why?”  King  said,  a  little  sheepishly, “it  isn’t  public 
because  it  is  one  of  the  things  that  we  use  to  add  value.” 

And  so  it  went.  At  the  end  a  person  in  the  audience 
asked  when  IP  would  bypass  TDM  in  terms  of  line  ship¬ 
ments.  Alcatel  was  most  optimistic, saying  this  year,  Cisco, 
Mitel  and  Nortel  put  it  at  2005,  and  Avaya  at  2008.That’s 
quite  a  range. 


—  John  Dix 
Editor  in  Chief 
jdix@nww.com 
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opinions! 


DSL  prioritization 

In  the  story  “DSL  penetrates  the  business  market . . . 
slowly”  (www.nwfusion.com,  DocFinder:  5024), 
I’m  confused  by  For  Eyes  Optical  IT  manager 
Shuieb  Khan’s  statement  that  asymmetrical  DSL 
(ADSL)  speeds  vary  depending  on  how  many 
users  are  on  the  DSL  network  as  compared  with 
other  DSL  technologies. 

If  he  meant  that  more  users  on  a  customer’s  LAN 
would  cause  the  customer’s  individual  service  to 
slow  down,  that  would  be  true  of  any  Internet 
access.  Perhaps  he  meant  ADSL  was  more  prone 
than  other  DSL  technologies  to  slow  down  as  more 
users  adopt  the  ISP’s  network.  I  would  say  that 
would  be  true  of  any  ISP’s  network  and  has  to  do 
with  how  an  ISP  manages  traffic  load  and  network 
build-outs  to  compensate  for  load.  To  my  knowl¬ 
edge,  all  DSL  technologies  connect  to  an  ATM 
backbone  and  carry  similar  low-level  quality  of  ser¬ 
vice  for  their  connections.  So  all  DSL  is  typically 
going  to  suffer  from  that  sort  of  prioritization  in  the 
provider’s  backbone. 

Gordon  Coogan 
Anaheim,  Calif. 

Migrating  to  Linux 

Regarding  Mark  Gibbs’  Backspin  column  “Why  aren’t 
you  migrating  to  Linux?”  (DocFinder:  5025):  It  took 
me  10  years  to  be  able  to  handle  any  curve  ball  in 
the  Windows  server/desktop  environment.That’s  a 
lot  of  practice  —  on  my  own  and  from  mentors.  Not 
everyone  is  in  a  cutting-edge  department.  I  am  the 
lone  IT  guy  in  a  small  manufacturing  business.  Now 
I  have  to  learn  Unix  on  my  own  —  not  a  pleasant 
thought.  Implementing  and  replacing  working  sys¬ 
tems  with  Linux  —  that’s  where  the  fear  comes  from. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  Editor  In 
Chief,  Network  World,  118  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  aerification. 


There  will  come  a  (price)  point  where  the  savings 
outweigh  the  fear,  but  it  isn’t  here.  That  will  come 
when  Microsoft  and  other  application  providers  no 
longer  support  Windows  NT  4.0.  When  I  can’t  sup¬ 
port  the  legacy  environment,  I  will  venture  out. 

Dave  Kaplan 
Vice  president,  IT 
International  Patterns 
Bay  Shore,  N.Y 

I’ve  been  using  Linux  as  my  desktop  operating  sys¬ 
tem  for  a  few  years.  I  originally  did  it  with  the  goal  of 
getting  more  familiar  with  Linux  because  our  Web 
server  is  a  Red  Hat  box.  But  I  soon  found  I  preferred 
Linux  over  Windows  for  many  reasons.  If  you  run 
Windows  and  Red  Hat  on  the  same  box,  you’ll  find 
the  Red  Hat  system  —  even  with  a  graphical  user 
interface  (GUI)  environment  like  Gnome  —  is 
noticeably  more  responsive.  I  also  have  significantly 
more  control  over  my  environment,  can  work  easily 
in  GUI  or  command-line  mode  (whichever  better 
suits  a  given  task),  and  don’t  have  to  worry  about 
e-mails  containing  macro  viruses  and  such. 

There  is  a  downside,  though.  OpenOffice  and 
Mozilla  are  great  applications,  and  the  typical  user 
could  probably  run  a  Linux  desktop  without  feeling 
much  pain.  But  I  miss  some  commercial  apps.  Even 
though  I’ve  always  coded  pages  by  hand.it  would  be 
nice  if  Dreamweaver  (or  an  equivalent)  would  run 
on  Linux;  and  while  Gimp  is  good,  it  really  isn’t  a 
Photoshop  replacement.  So  this  Linux  “switcher"  is 
probably  going  to  make  another  switch  soon  —  to 
Mac.  In  my  view,  Mac  OS  X  should  have  all  the  advan¬ 
tages  of  my  current  Linux  system,  and  will  give  me 
the  flexibility  to  run  the  commercial  applications  I 
want.Time  will  tell. 

Travis  Saling 
Webmaster 

Department  of  Electrical  Engineering 
University  of  Washington 
Seattle 
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SECURITY  CHECK 

Robert  Gezelter 


The  need  for  DNS  resiliency 


On  Sept.  1 1,2001,  many  New  York  businesses  disappeared  from  the 
Internet  because  their  DNS  services  were  fragile.  Fragility  is  the 
opposite  of  resilience,  the  ability  to  continue  operations  despite 
damage  to  individual  elements. 

User-reported  difficulties  indicate  insufficient  resilience.  The  first 
reports  of  infrastructure  problems  should  come  from  internal  monitor¬ 
ing  systems,  not  a  flurry  of  phone  calls  from  users. 

DNS  translates  domain  names  into  IP  addresses.The  most  publicized 
concerns  with  DNS  involve  root  name  servers,  which  are  beyond  the 
control  of  typical  Internet  users.  Less  publicized  are  issues  involving  the 
organization  and  provisioning  of  the  name  servers  for  enterprise  do¬ 
mains,  which  are  within  a  company’s  control  and  often  are  neglected. 

A  misconception  is  that  a  company’s  ISP  is  responsible  for  providing 
servers  to  answer  queries  for  the  company’s  domains.  While  most  ISPs 
provide  DNS  services  for  their  customers,  the  details  vary  greatly  Some 
ISPs  will  act  as  authoritative  secondary  name  servers,  downloading  the 
actual  DNS  zones  from  user-maintained  DNS  servers;  some  will  not. 
Beware:  DNS  failure  is  e-commerce  death. 

In  the  end,  DNS  resilience  is  determined  by  the  steps  a  company 
takes  to  ensure  that  its  domain  data  remains  available  to  the  Internet. 

The  most  rudimentary  step  to  ensure  resilience  of  your  Internet  pres¬ 
ence  is  to  always  have,  at  a  minimum,  primary  and  secondary  DNS 
servers  for  the  domain. These  servers  should  be  distinct  systems  in  dif¬ 
ferent  locations. 

Single  points  of  failure  must  be  avoided.  Achieving  geographic  dis¬ 


persion  is  neither  difficult  nor  expensive.  Resorting  to  a  hosting  ser¬ 
vice  or  ISP  is  often  unnecessary,  although  it  is  an  option.  A  field  office 
or  sister  organization  easily  can  provide  the  few  cubic  feet  and  kilo¬ 
bytes  per  hour  (yes,  per  hour)  required  to  house  an  alternate  DNS 
server. The  system  even  can  be  managed  remotely 

A  production  site  with  many  concurrent  users  justifies  extensive  mon¬ 
itoring.  Each  link  in  the  chain  connecting  customers  to  the  site  should 
be  monitored  on  a  basis  sufficient  to  alert  the  organization  to  problems 
in  a  timely  manner. With  DNS  servers,  regular  verification  that  the  name 
servers  are  online  and  responding  properly  is  prudent. 

Diversity  of  carriers,  geographic  location  and  routing  are  important 
steps  to  ensure  that  single-source  errors  do  not  disrupt  your  DNS  ser¬ 
vices  and  impair  your  Internet  presence. 

In  a  piece  of  fabric,  an  individual  thread  or  moderate  number  of 
threads  may  break  without  compromising  the  function  of  the  whole. 
Analogously,  failures  that  do  not  result  in  service  disruption  will  never 
lead  to  customer  dissatisfaction.  Dispersion  of  functionality  is  far  less 
expensive  and  far  more  resilient  than  attempts  to  harden  facilities 
beyond  the  possibility  of  damage. 

(This  column  is  a  condensed  version  of  a  newsletter  that  appears  on 
Network  World  Fusion  at  www.nwfusion.com,  DocFinder:  5026.) 

Gezelter  is  a  network  security  consultant  and  a  contributor  to  The 
Computer  Security  Handbook,  4th  Edition.  He  can  be  reached  at  gezel- 
ter@rlgsc.com. 
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INDUSTRY  COMMENTARY 

Frank  Dzubeck 


y  last  column  on  technological  dis¬ 
continuities  in  2003  (www.nwfu 
sion.com,  DocFinder:  5027)  generated 
significant  reader  e-mail  regarding  the  feasi¬ 
bility  of  voice  becoming  the  “killer”  applica¬ 
tion  for  IEEE  802.11  (Wi-Fi).  In  the  past  few 
months,  global  capital  commitments  and 
scheduled  deployment  into  public  areas  such  as  hotels,  airports,  cafes, 
stadiums  and  truck  stops  have  fueled  Wi-Fi  growth.  This  aggressive  roll¬ 
out  counters  the  notion  that  it  will  be  impossible  for  Wi-Fi  to  achieve 
the  ubiquity  of  cellular  wireless.  In  all  probability  cellular  mobility  will 
coexist  with  and  complement  public  and  private  Wi-Fi  deployment 
until  the  IEEE  solves  the  distance  limitation  problems. 

Wi-Fi’s  strength  —  and  cellular  wireless’s  weakness  —  is  data.  Cellular 
wireless  deployment  for  data  has  been  hampered  by  cost  and  through¬ 
put  issues  that  equate  to  high  usage  charges.  Data  will  not  be  the 
increased  call-minute  panacea  that  carriers  hoped  would  pay  for 
licenses  and  upgrades  to  3G  and  other  cellular  technologies. 

To  make  an  analogy  to  the  wireline  world,  at  one  time  the  PBX  was 
considered  a  data  switch  with  connection  speeds  of  1.2K  to  9.6K 
bit/sec.The  IEEE  802.3  LAN  arrived  to  compete  with  the  PBX  and  deliv¬ 
ered  increasingly  higher  data  rates  to  users.  As  the  technology  matured, 
IEEE  802.3p/q  added  quality  of  service  to  the  LAN  and  let  low-bit-rate 
real-time  voice  use  the  “Ethernet  highway  Today  the  PBX  and  LAN 
coexist,  but  the  PBX  faces  inevitable  retirement.  Similarly,  in  the  WAN, 
data  traffic  has  surpassed  voice  traffic  in  carrier  networks.  Class  5  net¬ 
works  designed  to  support  voice  and  disastrously  redesigned  to  sup¬ 
port  data  using  ISDN  are  now  passe.  Coexistence  is  still  the  case,  but 
voice  over  IP  will  be  the  eventual  victor. The  data  highway  always  will 
be  the  winner  when  compared  with  the  voice  highway. 

Technological  history  has  a  way  of  repeating  itself.  What  occurred  in 
the  wireline  arena  will  replicate  itself  in  the  wireless  arena.  Wireless 
technologies  such  as  cellular,  IEEE  802.1 1,  IEEE  802.15  and  IEEE  802.16 
will  coexist  for  a  time.  Cellular  was  designed  for  voice,  the  other  three 
for  data.  How  long  they  coexist  will  be, as  in  the  wireline  space,  an  eco¬ 


More  on  tech  discontinuity 


nomic,  rather  than  a  technological,  issue. 

One  reader  commented  on  the  limitations  of  Wi-Fi  with  respect  to  the 
number  of  users  that  can  be  serviced  per  base-station  access  points 
and  the  allocation  of  finite  resources  per  user.  At  least  four  approaches 
have  emerged  to  address  this  problem.  The  first  uses  high-capacity, 
longer-range  Wi-Fi  switch/access  points  to  transmit  narrow  beams  of 
packets  only  to  designated  wireless  devices.  The  second  uses  distrib¬ 
uted  dumb  Wi-Fi  access  points  and  a  new  generation  of  intelligent 
Ethernet  switch  that  centrally  aggregates  and  controls  multiple  access 
points.The  third  creates  a  multiple  smart-antenna  access  point  that  can 
aggregate  hundreds  or  thousands  of  users.  The  fourth  uses  an  intelli¬ 
gent  base-station  switch  to  aggregate  and  control  distributed  smart 
antennas.  My  bet  is  that  the  second  approach  will  win  out  because  of 
cost,  ease  of  implementation  and  management. 

Many  readers  discussed  security  for  the  user  and  the  economics  of  the 
business  case  for  the  public  Wi-Fi  hot  spot.  Security  is  being  addressed 
in  the  transmission  layer  of  Wi-Fi  with  IEEE  802.1  li  and  at  the  IP  appli¬ 
cations  layer  with  standards-  and  policy-based  authentication  and 
access  control.  Economics  are  another  matter. 

The  issue  today  with  public  hot  spots  is  that  flat-fee  charges  do  not 
return  enough  revenue  to  pay  for  the  cost  of  WAN  Internet  access 
facilities,  let  alone  voice  charges.  The  most  advantageous  approach 
seems  to  be  to  treat  the  Wi-Fi  equipment  and  WAN  access  as  a  sales 
expense,  embedding  that  overhead  cost  across  all  goods  and  ser¬ 
vices.  The  only  other  alternative  will  be  on-demand  or  multiloca¬ 
tion/vendor  flat-fee  billing  at  an  equitable  rate  structure  to  stimulate 
use  and  recover  cost. 

The  success  of  Wi-Fi  is  analogous  to  the  success  of  the  cellular  indus¬ 
try  Technology  was  secondary  to  simplifying  universal  roaming  and 
creating  a  sound  demand-based  economic  and  business  model.  The 
wheel  turns;  cellular  today  Wi-Fi  tomorrow. 


Wi-Fi's  strength  - 
and  cellular  wire¬ 
less's  weakness 
-  is  data. 


Dzubeck  is  president  of  Communications  Network  Architects,  an 
industry  analysis  firm  in  Washington,  D.C.  He  can  be  reached  at 
fdzubeck@commnetarch.com. 
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Vol  P  variations 

Different  architectural  strokes  from  different  vendor  folks. 


■  BY  STUART  MELNITSKY 


When  it  comes  to  IP  PBXs,  prod¬ 
ucts  from  IP-centric  vendors  and 
legacy  PBX  companies  are  char¬ 
acterized  as  much  by  their  dif¬ 
ferences  as  by  their  similarities. 

In  general,  the  two  camps  can  be 
summarized  this  way:  the  legacy 
PBX  vendors  include  Alcatel, 
Avaya,  Mitel,  Nortel  and  Siemens; 
the  IP  newcomers  are  led  by 
Cisco,  3Com,  Shoreline  and 
Vertical  Networks. 

The  legacy  vendors  have  an  edge 
when  it  comes  to  the  total  number 
of  traditional  PBX  features.The  IP 
PBX  vendors  offer  a  more  stripped- 
down  suite  of  features  —  call  hold, 
call  forwarding,  call  waiting,  con¬ 
ference  calling  and  voice  mail.  But 
the  newcomers  also  take  advan¬ 
tage  of  the  tighter  integration  with 
desktop  productivity  applications,  \ 
such  as  Microsoft  Outlook,  giving 
users  a  unified  view  of  voice  mail,  e- 
mail  and  faxes. 

When  it  comes  to  other  characteris¬ 
tics,  such  as  basic  architecture,  how  th 
provide  reliability  and  how  they  support 
standards  for  features  such  as  call  control 
and  inline  power,  the  results  are  all  over  the 
map. 


IP  phone  home 

You  might  assume  that  all  IP  PBX  vendors  support 
IP  phones,  but  until  recently,  that  was  not  the  case. The 
legacy  vendors  supported  IP  phones,  but  not  upstarts 
Shoreline  and  Vertical. They  held  the  view  that  the  value 
of  the  IP  PBX  lay  with  the  distributed  architecture  and 
the  applications,  not  an  expensive  phone.  Therefore,  they 
limited  their  support  to  analog  stations. 

Another  concern  often  raised  about  IP  phones  is  the 
potential  need  to  reengineer  the  corporate  IP  network 
to  accommodate  —  and  prioritize  —  voice  traffic. 
Establishing  quality  of  service  entails  configuring 
switches  and  routers  to  support  802.  lp/q,  type  of  ser¬ 
vice  bits,  and  potentially,  Differentiated  Service.  While 
these  are  not  necessarily  difficult  tasks,  they  do  require 
datacom  expertise  —  either  in-house  or  outsourced. 

IP  phone  advocates  argue  that  IP  phones  —  with  Web- 
based  browsers  and  desktop/PDA  integration  capabili¬ 
ties  —  add  substantially  more  value  than  their  propri¬ 
etary  digital  predecessors.  As  Shoreline  and  others  have 


discovered,  there  is  enough  corporate  interest  in  IP 
phones  to  warrant  —  perhaps  necessitate  —  support, 
which  is  why  Shoreline  and  Vertical  have  added  support 
for  IP  phones  from  Polycom. 

Cisco  has  made  IP  phones  an  integral  part  of  its  archi¬ 
tecture  for  voice  and  video  (AWID).  Cisco  provides 
support  for  analog  devices,  such  as  phones  and  fax 
machines,  through  an  optional  gateway,  the  VG-248. 

For  3Com  users  interested  in  keeping  their  digital 
handsets  while  migrating  to  a  NBX  IP  PBX,  Citel  Tech¬ 
nologies  offers  a  gateway  between  3Com's  IP  PBXs  and 
Nortel  Norstar  digital  handsets. 

The  legacy  PBX  vendors,  including  Alcatel,  Avaya  and 


Nortel,  have  incorporated  support  for  IP  phones,  analog 
phones  and  their  own  digital  handsets.  IP  phone  sup¬ 
port  is  consistently  accompanied  by  support  for  G.71 1 
and  G.729a  voice  coders. 

Topology  tour 

Many  IP  PBX  vendors,  including  Avaya,  Cisco  and 
Nortel,  rely  on  centralized  call-control  servers 
For  example,  Cisco’s  AVVID  call  manager  sits  on 
Media  Convergence  Server  (MCS)  running  on  Win 
2000;  Nortel’s  Succession  CSE  1000  call  server  run' 
VxWorks,  as  does  its  Signaling  Server;  and  Avaya V.  ' 
Media  Server  runs  on  a  dedicated  Linux  server 
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!i P  PBX  customer  satisfaction 

According  to  a  Sage  Research  survey, 

IP  PBXs  received  higher  satisfaction 
ratings  than  traditional  PBXs  in  several 
categories. 

K1  Traditional  PBXs  MlP  PBXs 


Product  Product  Product  Feature 

installation  manageability  reliability  range 

The  potential  problem  with  these  centralized  call-con¬ 
trol  server  architectures  is  the  dreaded  single  point  of 
failure.  However,  there  are  ways  to  mitigate  this  problem. 

For  instance,  Avaya  addresses  reliability  through  a 
redundant,  dual-processor  configuration;  if  one  goes 
down,  the  other  assumes  the  call-processing  load.  Sim¬ 
ilarly,  Nortel  supports  redundant  Signaling  Servers. 

Cisco  approaches  the  issue  of  high  availability  a  bit  dif¬ 
ferently,  introducing  an  element  of  distribution  through 
server  clustering.  AW1D  supports  clusters  of  up  to  10 
CallManagers  over  LAN  or  WAN  links  to  provide  failover 
and  load-sharing  support. 

Clustering  approach 

A  cluster  can  support  one  or  more  device  pools. 

Within  each  cluster,  there  is  a  primary  CallManager,  and 
designated  failover  CallManagers. These  failover  Call- 
Managers  can  simultaneously  serve  as  primary  CallMan¬ 
agers  in  other  clusters,  letting  large  sites  set  up  multiple, 
overlapping  clusters  to  maximize  survivability 

Cisco’s  IP  phones  can  be  configured  to  signal  a  prim¬ 
ary  MCS.as  well  as  back-up  MCSs.in  case  the  primary 
MCS  becomes  inaccessible. 

Technically,  this  is  a  sound  approach,  but  it  requires  buy¬ 
ing  additional  AWID  MCSs.This  might  be  acceptable  to 
large  companies,  but  might  not  fit  the  budgets  of  smaller 
organizations.  Also,  this  approach  doesn’t  necessarily 
address  the  requirements  of  small  branch  offices,  where  it 
doesn’t  make  economic  sense  to  deploy  an  MCS. 

What  happens  when  one  of  these  small  branch  offices 
loses  its  WAN  link  and  cannot  reach  a  stand-alone  MCS 
or  cluster? 

Cisco’s  response  is  survivable  remote-site  telephony,  an 
lOS-based  option  for  routers  and  Catalyst  switches 
(which  might  require  an  IOS  upgrade)  that  provides 
limited  call  processing  back-up  functionality  in  the 
event  the  Call  Manager  becomes  unreachable. 

Avaya  and  Nortel  also  employ  local  survivability  tech¬ 
niques  with  their  Succession  CSE  1000  and  S8700  Media 
Servers,  respectively  Call-server  and  signaling  functions,  in 
the  form  of  processor  boards,  can  be  distributed  to  gate¬ 
way  devices  —  Nortel’s  Media  Gateway  and  Avaya’s 
branch  office  S8300  Media  Server/G700  Gateway  —  for 
temporary,  local  call-processing  capabilities. 

By  contrast, Shoreline’s  Shoreline4  is  based  on  a  more 
distributed  call-server  architecture.  Each  ShoreGear  voice 
switch  has  gateway  and  embedded  call-control  software, 
running  on  VxWorks.  If  a  voice  switch  goes  down,  its  ef¬ 
fect  is  localized,  users  connected  to  other  switches  still 
have  access  to  their  own  call-control  server.  Shoreline 


plans  to  extend  this  survivability  to  voice  applications 
such  as  voice  mail  through  a  distributed  application  ser¬ 
ver  architecture,  in  the  second  quarter. 

From  a  deployment  and  management  perspective, 
Shoreline  presents  a  less-complex  alternative  to  the  clus¬ 
tering  and  SRST-like  techniques  of  the  other  vendors. 

However,  Shoreline’s  recent  support  for  IP  phones  has 
introduced  a  new  issue.  Shoreline  s  IP  phones  are  set  up 
to  signal  designated  gateways  (which  reside  in 
Shoreware  voice  switches).  If  a  switch  fails,  or  becomes 
unreachable,  manual  intervention  is  required  to  switch 
over  all  the  associated  IP  phones  to  a  new  gateway  A 
future  Shoreline  release  promises  to  automate  this  fail¬ 
over  function,  the  company  says. 

For  management,  most  IP  PBXs  rely  on  Web  servers  — 
either  stand-alone  or  implemented  on  the  call  server’s 
main  controller,  while  a  browser  or  Java  application  is 
used  to  access  and  configure  management  data.  In  most 
cases,  Web-based  management  is  sufficient.  However, 
configuring  Cisco’s  AWID  requires  some  command-line 
interface  expertise  for  the  associated  switching  and  rout¬ 
ing  infrastructure. 

Standard  stew 

When  it  comes  to  call  control, signaling,  interswitch 
communications,  and  even  in-line  power  for  IP  phones, 
some  vendors  are  adhering  to  standards;  others  are  not. 


For  example,  Avaya  and  Siemens  support  H.323.For  its 
recently  released  IP  phones,  Shoreline  is  using  media 
gateway  control  protocol,  while  deploying  Session 
Initiation  Protocol  (SIP)  for  communication  between 
voice  switches.  Cisco  uses  a  proprietary  standard  — 
Skinny  Client  Control  Protocol  —  for  call  control. 

SIP  continues  to  gain  acceptance,  but  it’s  unclear  if  and 
when  it  will  overtake  H.323  as  the  protocol  of  choice. 

With  respect  to  in-line  power,  most  vendors  appear  to 
be  rallying  around  the  IEEE’s  802.3af  draft  for  powering 
IP  phones  over  Ethernet  cabling.  But  because  it  has  not 
yet  been  ratified, some  vendors  are  relying  on  pre¬ 
standard  solutions.  For  instance,  Cisco’s  Inline  Fbwer  is  a 
prestandard  implementation  that  Cisco  has  indicated  it 
plans  to  support  8023.af  once  it  is  ratified,  while  main¬ 
taining  support  for  Cisco  Inline  Pbwer. 

Despite  these  unresolved  issues,  the  IP  PBX  market  has 
matured  quite  a  bit  over  the  past  year.  As  a  whole,  the  IP 
PBX  vendors  have  done  a  credible  job  of  refining  the 
functionality  and  resiliency  of  their  products. 

And  because  legacy  PBX  vendors  are  shifting  their 
development  resources  away  from  legacy  PBXs  to  newer 
IP  PBX  technologies,  customers  will  have  little  choice  but 
to  explore  this  new,  converged  world. 

Melnitsky  is  a  freelance  writer  in  Massachusetts.  He  can 
be  reached  at  melnitsky@yahoo.com. 


Centralized  vs.  decentralized 

Most  vendors,  including  Cisco,  Nortel  and  Avaya,  rely  on  a  centralized  call-control  server. 
Shoreline  takes  a  decentralized  approach. 
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In  the  centralized  model,  if  a  call  server  or  WAN  link  fails,  gateway  devices  can  provide  basic  functions  and  features. 
For  server  redundancy,  Cisco  offers  clustering,  while  Avaya  has  a  dual-server  configuration. 


With  Shoreline's  distributed  architecture,  each  voice  switch  has  its  own  call-control  software  and  gateway.  There  is 
no  server  redundancy,  but  a  switch  failure  affects  only  the  population  of  phones  connected  to  the  specific  switch. 


hp  ProLiant  ML310 

•Tower  Model 

•Intel®  Pentium®  4  processor  2.53  GHz  - 
(2.80  GHz  available) 

•256MB  Total  PC2100  Registered  ECC  DDR  SDRAM  Memory 
•Integrated  Dual  Channel  Ultra  ATA-100  IDE  Adapter  with 
Integrated  ATA  RAID  0, 1,  &  1+0 
•40GB  ATA  7200  rpm  Drive  1"* 

•NC7760  Gigabit  Network  Controller  (embedded) 

•ProLiant  Essentials  Foundation  Pack 
(including  SmartStart™  &  Insight  Manager™) 

•1-Year  Worldwide  Pre-Failure  Warranty  (processors,  memory  & 
hard  drives),  next-business-day  parts,  labor  &  on-site  delivery* 

$1,048 

Lease  for  under  $44  a  month  for  24  months* 


hp  »c2120 

•Tower  Model 

•Intel®  Celeron®  1.80  GHz  processor 
•128MB  PC2100  Registered  ECC  DDR  Memory, 
upgradeable  to  4GB 

•Integrated  Dual  Channel  Ultra  ATA-100  IDE  Adapter 
•40GB  Ultra-ATA  7200  rpm  Hard  Drive* 

•NC7760  Gigabit  Network  Controller  (embedded) 
•1-Year  Limited  Warranty* 

$549 

Lease  for  under  $23  a  month  for  24  months' 


HP  servers  are  as  reliable  as  they  are  affordable, 
so  it  costs  less  to  maximize  your  server's  uptime. 

In  fact,  our  Intel-  processor-powered  HP  servers  are 
the  best-designed  servers  built  on  the  most  reliable 
platform  available.  They're  custom  configured  to  meet 
your  company's  nonstop  demands  and  they're 
easier  to  install  than  ever  before.  And  every  HP 
server  can  be  managed  today  as  easily  as  they  are 
adaptive  and  expandable  for  tomorrow.  Plus  they're 
all  backed  with  an  impressive  warranty  and  our 
experienced  service  and  support  team.  So  your 
business  heads  in  the  only  direction  it  should— -up. 
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hp  ProLiant  ML 350  G3 

•Tower  Model 

•Intel®  Xeon™  processor  2.40  GHz 
•256MB  Total  PC2100  Registered  ECC  DDR 
SDRAM  Memory  (1  x  256) 

•Integrated  Dual  Wide  Ultra3  SCSI  Adapter 
®6  x  1 "  Hot  Pluggable  Hard  Drive  Bays 
•36.4GB  U320  Universal  Hard  Drive  (1") 

1 0,000  rpm* 

•NC7760  Gigabit  Network  Controller  (embedded) 
•ProLiant  Essentials  Foundation  Pack  (including 
SmartStart™  &  Insight  Manager™) 

•3-Year  Worldwide  Pre-Failure  Warranty  (processors, 
memory  &  hard  drives),  next-business-day  parts, 
labor  &  on-site  delivery* 

$1,938 

Lease  far  under  $81  a  month  for  24  months* 


hp  ProLiant  DL380  G3 

•Rack  Model 

•Intel®  Xeon™  processor  2.40  GHz 

•512MB  Total  PC2100  Registered  ECC  DDR 
SDRAM  Memory  (2  x  256) 

•Integrated  Smart  Array  5i  Plus  Controller 

•Hot  Plug  Drive  Cage-Ultra3 
(5  x  1"  and  1  x  1.6") 

•36.4GB  U320  Universal  Hard  Drive  (1") 

10,000  rpm* 

•Two  NC7781  PCI-X  Gigabit  NICs  (embedded) 

PCI  10/100  WOL 

•Sliding  Rails  and  Cable  Management  Arm 

•ProLiant  Essentials  Foundation  Pack  (including 
SmartStart™  &  Insight  Manager™) 

•3-Year  Worldwide  Pre-Failure  Warranty 
(processors,  memory  &  hard  drives), 
next-business-day  parts,  labor  &  on-site  delivery* 

$3,662 

Lease  for  under  $  153  a  month  for  24  months' 


0%  FOR  24  MONTHS. 

For  a  limited  time,  get  0%  lease  rate  on  qualifying  purchases  made  before  April  30, 2003? 
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Toll  Free  1-866-625-0785 
www.hp.com/go/inagazine5 
Or  call  your  local  reseller. 
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INDUSTRY 

Hqvv  emerging  technologies  are 
'  transforming  key  Vertical  industries. 


Gushing  over  Linux 

Petroleum  companies  rely  on  cluster  computing  for  oil  exploration. 


BY  PHIL  HOCHMUTH 


The  oil  and  gas  industry  was  once  the  province  of  the  worlds  fastest 
supercomputers  from  makers  such  as  Cray  and  IBM.  But  recently  indus¬ 
try  heavyweights  such  as  Amerada  Hess,  British  Petroleum,  Conoco  and 
Shell  discovered  that  large  Linux  clusters  are  capable  of  tackling  the  mas¬ 
sive  computational  tasks  involved  with  finding  oil. 


“Linux  clusters  are  moving  in  and  becoming  very 
competitive  in  areas  where  large  Unix  clusters  were 
used  in  the  past,”  says  Bill  Claybrook,  an  analyst  with 
Aberdeen  Group.  That’s  because  Linux  clusters  cost 
between  five  to  20  times  less  than  proprietary  high-per¬ 
formance  computing  systems  that  require  small  for¬ 
tunes  to  acquire  and  maintain. 

“You  can  probably  run  80%  of  the  applications  used 
in  high-performance  computing  just  as  fast  on  a  Linux 
cluster  and  at  a  much  cheaper  price,”  Claybrook  says. 

Clusters  cut  costs 

Hess  migrated  from  IBM’s  supercomputer  Unix  clus¬ 
ter,  or  SP  system,  to  clusters  of  inexpensive  Linux  PCs 
over  the  last  five  years,  as  the  company  became  more 
familiar  with  Linux  and  saw  the  financial  benefits  of 
making  the  switch. 

The  Houston  petroleum  company  uses  a  cluster  of 
320  workstations  running  Red  Hat  Linux  to  process  3-D 
models  of  underground  geological  structures  used  for 
locating  oil  reservoirs.The  cluster  works  by  breaking  up 
large  amounts  of  mathematical  data  and  distributing 
pieces  of  the  problem  to  the  nodes,  which  are  a  mix  of 
Dell,  HP  and  IBM  machines  with  dual  Pentium  IV 
processors  with  about  a  gigabyte  of  memory  each. 

Each  node  works  on  its  own  part  of  the  model,  then 
returns  data  to  a  “master”  Linux  cluster  node  attached 
to  a  tape  drive.The  drive  then  writes  the  results  to  tapes, 
and  Hess  geological  experts  analyze  the  data  to  locate 
oil  reservoirs. 

Jeff  Davis,  a  systems  programmer  who  manages  the 
Linux  cluster,  says  the  change  has  let  Hess  acquire 
more  computing  power  at  a  fraction  of  the 
cost  of  the  IBM  SR  The  SP  cost  about  $1.5 
million  per  year  to  maintain  and  run, 
whereas  the  company  purchased  its  first 
100-node  Linux  cluster  for  around 
$150,000. Yearly  maintenance  costs  for  the 
cluster  run  about  a  quarter  the  cost  of  the 
equipment.  Davis  adds,  noting  that  clusters 
now  can  be  added  for  about  $100,000. 

“The  SP  was  a  first-class  machine,  but  you 
paid  for  every'  bit  of  it,”  Davis  says.  “For  the 
most  part,  these  are  very  reliable  machines 
in  the  Linux  cluster" 

SP  provided  superior  uptime  —  the  SP 


system  had  been  up  for  two  years  straight  before  it 
was  taken  down  —  but  Davis  says  the  trade-off  was 
acceptable. 

“Most  of  the  problems  we  do  have  are  not  due  to 
Linux,”  he  says,  referring  to  reliability  issues  with  PC 
hardware  components  in  the  cluster.  That  was  expect¬ 
ed,  he  adds.  “What  we’re  talking  about  here  is  going 
from  top-of-the-line  server  platform  to  basically  desktop 
machines,”  he  says. 

Disclosing  the  drawbacks 

Aberdeen  Group  expects  Linux  clusters  to  become 
the  dominant  platform  for  high-performance  comput¬ 
ing  in  research  firms  and  private  industry  by  next  year, 
as  more  users  of  high-end  systems  replace  older  super¬ 
computer  infrastructure  with  Linux  boxes. 

While  the  price/performance  upside  to  Linux  clusters 
is  huge,  Claybrook  says  companies  make  some  sacri¬ 
fices  when  switching  from  a  supercomputing  platform 
to  Linux. 

One  of  those  is  speed.  While  Linux  clusters  break 
down  problems  quickly  by  distributing  workloads,  col¬ 
lecting  data  from  many  small  machines  can  introduce 
latency  not  seen  with  larger  supercomputers, 
Claybrook  says.  Also,  Linux  clusters  are  not  tied  togeth¬ 
er  as  tightly  as  a  Unix  equivalent,  where  clustering  soft¬ 
ware  is  close  to  the  operating  system. 

One  company  that  is  working  to  tighten  Linux  cluster 
operation  is  Linux  Networx,  which  mixes  Linux-based 
Intel  clusters  and  proprietary  software  to  create  sys¬ 
tems  with  more  of  a  single-image  appearance.  Shell 
International  Exploration  &  Production  (Shell  E&P) 
installed  a  cluster  of  112  Linux  nodes  with 
the  help  of  Linux  Networx. 

Since  the  mid-1980s,  Shell  E&P  used 
supercomputing  platforms  from  Cray  and 
clustered  Unix  systems  to  perform  such 
tasks  as  geological  simulations  of  under¬ 
ground  oil  reservoirs. 

The  firm  ran  into  technical  and  financial 
problems  with  these  approaches,  says  Jim 
Clippard,  a  senior  research  geophysicist 
who  works  for  Shell  E&P  in  the 
Netherlands.  While  powerful,  the  Cray  plat¬ 
form  was  costly  And  the  Unix  clusters  used 
didn’t  have  very  fast  interconnects  among 


machines,  which  limited  the  kinds  of  algorithms  the 
company  could  run  on  the  clusters. 

Shell  E&P  went  with  a  Linux  Networx  cluster  with 
Gigabit  Ethernet  interfaces  connecting  all  112  nodes, 
allowing  for  ample  interconnect  speeds.  Now  Shell  can 
scale  its  processing  power  beyond  what  it  previously 
had,  because  it  can  add  a  new  Linux-based  processor 
for  about  one-tenth  the  cost  of  adding  a  new  Unix  clus¬ 
tered  node,  Clippard  says. 

This  scaled-up  processing  power  lets  the  company’s 
research  programmers  create  new  algorithms  for  mod¬ 
eling  geological  structures  that  were  not  previously 
possible.  Buying  the  amount  of  Unix  or  Cray  processing 


H  OIL  AND  GAS  INDUSTRY:  AT  A  GLANCE 

Worldwide  oil  revenue:  $400  billion  in  2002, 
according  to  Newcastle  University. 

Cost  to  produce  a  barrel  of  oil:  $6.33 
in  2001,  according  to  research  from  John  C. 
Herold  Inc. 

Oil  and  gas  IT  spending:  $85  billion  in  2002, 
Gartner  reports. 

Oil  and  gas  company  capital  spending:  $158 
billion  for  2001,  according  to  John  C.  Herold  Inc. 


power  necessary  to  run  some  of  Shell’s  new  programs 
would  have  been  cost-prohibitive,  he  adds. 

IBM  also  has  been  active  in  helping  its  petroleum  cus¬ 
tomers  migrate  to  Linux-based  clusters,  and  Linux-  and 
Unix-based  hosted  grid  technology  for  seismic 
research  computing.  Earlier  this  year,  IBM  also  began  a 
hosted  supercomputing  service  in  which  research- 
focused  customers  can  tap  into  a  cluster  of  Intel-  and 
PowerPC-based  servers  hosted  at  an  IBM  facility  in 
Poughkeepsie,  N.Y  Users  pay  to  tap  into  a  grid  of  more 
than  100  IBM  eServer  p655  Unix  servers  and  Intel-based 
eServer  x335  and  x345  systems  running  Red  Hat  Linux. 
For  oil  companies  with  only  periodic  needs  for  super¬ 
computing  applications,  the  rent-a-cluster  approach 
has  proved  useful. 

PGS  Data  Processing,  a  petroleum  research  firm 
working  on  seismic  imaging  in  the  Gulf  of  Mexico, 
now  scale  real  time  to  handle  requests  for  urgent 
supercomputing  needs  as  they  arise,  says  John 
Gillooly,  vice  president  of  Western  Hemisphere  Data 
Processing  for  the  company.  Much  of  the  project  work 
is  dedicated  to  data  collection  on  oil  platforms  rather 
than  in  a  computer  room. “On-demand  supercomput¬ 
ing  ideally  suits  our  business  requirements  for  emerg¬ 
ing  technologies  that  require  short  periods  of  inten¬ 
sive  computing,”  he  says.  ■ 


More  online! 

Download  a  how-to  guide  for 
setting  up  a  Linux  cluster. 
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technology  solutions  were  exhibited  at  SUPERCOMM. 
Be  here  for  the  important  breakthroughs. 


O  Visit  discover.supercomm2003.corn 
O  Register  for  FREE,  register.supercomm2003.con 
O  Sign  up  for  education,  education.supercomm2003.com 
O  Go  to  Atlanta  in  June,  atlanta.supercomm2003.com 


SUPERCOMM  is  your  chance  to  see  breaking  technologies  before  they  become  yesterday's  news.  That's  because  each  year 
SUPERCOMM  brings  the  leading  companies  in  communications  and  IT  together  in  one  time  and  place.  As  a  result,  you  have  a 
unique  opportunity  to  evaluate  fiber,  wireless,  enterprise  and  cable  solutions  from  around  the  world.  You  can  also  participate  in 
exciting  education  sessions  and  industry  demonstrations.  And  you  can  share  ideas  and  information  with  thousands  of  colleagues. 
No  wonder  the  world's  communications  professionals  rely  on  SUPERCOMM.  They  know  that  SUPERCOMM's  global  perspective  helps 
them  make  the  best  possible  choices  for  their  infrastructure.  To  be  there  for  the  next  breakthrough,  go  to  supercomm2003.com 
and  register  now.  June  1-5  2003,  Atlanta  Georgia,  supercomm2003.com 


•Source:  Expo  Exchange,  LLC 
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Face-ofF 

Two  technology  execs  debate  whether  compc 

Is  the  enterprise  ready  for 
end-to-end  wireless  LANs? 

jnies  should  start  using  wireless  LANs  today. 

YES,  by  Doug  Klein 


NO,  by  Merwyn  Andrade 


The  enterprise  is  ready  for  wireless  LANs  for  three  reasons:  replacing  cable  with 
wireless  gives  companies  an  instant  ROI;  deployment  issues  have  established 
solutions;  and  rollouts  are  well  under  way  One  wireless  access  point  typically 
saves  a  company  significantly  more  than  the  labor  cost  of  running  wire. 
Multiply  these  savings  by  thousands  of  users,  and  it’s  easy  to  see  why  access 
points  are  rapidly  appearing  across  companies. 

Although  to  some  the  phrase  “enterprise  wireless  LAN”  implies  a  network  of  hundreds 
of  access  points,  most  companies  deploy  tens  of  access  points,  not  hundreds  or  thou¬ 
sands.  A  wireless  LAN  with  20  access  points  easily  serves  1,000  users.  So  the  most  press¬ 
ing  deployment  issues  are  not  how  to  manage  large  numbers  of  devices,  but  how  to 
manage  the  rights  and  services  for  hundreds  or  thousands  of  users. 

In  an  enterprise  environment,  the  IT  organization  maps  corporate  policies  onto  the  com¬ 
puting  and  network  infrastructure.  Users  are  granted  access  to  resources  based  on  their 
identity,  role  in  the  organization  and  other  related  factors. 

In  the  wired  LAN,  these  policies  are  applied  to  physical  ports  in  the  switching  fabric  — 
the  ports  where  specific  users  connect. This  model  is  completely  flawed  for  wireless  LANs, 
where  radio  signals  bleed  through  walls, shared  access  points  connect  multiple  users  and 
mobility  implies  a  mix  of  users  at  any  access  point. 

The  objective  is  to  support  user  mobility  while  letting  administrators  apply  network  ac¬ 
cess  policies  appropriately  Administrators  should  be  able  to  use  the  same  policy  servers 
for  the  wireless  LAN  as  they  do  for  the  wired  LAN.  Ideally,  a  system  should  support  multi¬ 
ple  standard  authentication  mechanisms  for  maximum  flexibility  Control  must  not  rely  on 
any  physical  device,  but  instead  reflect  the  user’s  identity  time  of  day  and  current  location. 

In  addition  to  maintaining  network  security  the  ideal  approach  assures  the  integrity  of 
user  data  as  it  travels  across  the  “open”  radio  network  on  its  way  to  the  wired  LAN.The  sys¬ 
tem  needs  to  support  the  varying  needs  of  data  encryption,  ranging  from  none  (open, 
insecure  access)  to  very  high  (VPN-level  data  security). 

Network  access  policy  and  security  requirements  must  survive  in  an  environ¬ 
ment  where  users  are  moving.  Any  system  that  requires  user  intervention  (rel¬ 
ogging  on,  reconfiguring  devices)  to  fulfill  the  organization’s  security  re¬ 
quirements  will  fail.  And  as  the  network  grows,  the  system  must  scale  to 
supply  consistent  levels  of  mobility  security  and  control,  as  well  as  adapt 
to  support  new  and  evolving  standards. 

By  implementing  a  wireless  LAN  with  awareness  of  the  issues  and  require¬ 
ments  for  a  secure  network,  IT  organizations  are  embracing  this  technology, 
improving  user  services  while  delivering  the  security  and  integrity  that 
modern  network  practices  demand. 

Klein  is  CTO  k  r  Vernier  Networks,  a  developer  of  wireless  network  infra¬ 
structure  system:.  He  can  be  reached  at  klein@vemiernetworks.com. 


Until  tools  are  available  that  will  let  network  managers  effectively  deploy, 
secure  and  manage  wireless  LANs,  802.11  technology  will  continue  to  lan¬ 
guish  in  the  enterprise. Without  a  structured  architectural  blueprint  by  which 
companies  can  operate  and  scale  wireless  LANs,  extending  them  across  the 
campus  will  be  more  complex  and  costly  than  using  current  technology 
Two  huge  obstacles  are  stifling  enterprisewide  adoption  of  wireless  LANs:  mobile  secu¬ 
rity  and  deployment.  With  wireless  LANs, your  network  is  now  in  the  air.  Consequently,  it’s 
essential  to  have  a  clear  view  and  complete  control  of  the  airspace.Not  only  must  you  be 
able  to  identify  malicious  users  and  rogue  access  points,  but  also  take  action  automati¬ 
cally  against  unauthorized  activity 

Today’s  wireless  LAN  appliances  are  point  products  that  address  only  a  one  aspect  of  the 
security  problem.  To  deploy  a  secure  wireless  LAN  with  these  products,  an  appliance  is 
needed  that  detects  rogue  access  points,  another  that  does  user  authentication  and  ac¬ 
cess  control,  and  yet  another  that  terminates  VPNs.  Network  managers  cannot  live  with 
such  a  disjointed  approach  to  wireless  LAN  security  An  approach  that  addresses  all 
aspects  of  security  and  lets  network  managers  quickly  enact  changes  across  the  wireless 
LAN  is  key  to  enterprise  wireless  LAN  deployment. 

In  today’s  wireless  LAN  model,  security  and  wireless  intelligence  are  largely  distributed 
in  access  points  —  which  is  difficult  to  manage  and  a  nightmare  to  qpgrade.This  leads  to 
the  second  obstacle:  large-scale  deployment.  Simply  put,  given  the  limitations  of  wireless 
LAN  technology  companies  have  found  it  next  to  impossible  to  deploy  wireless  LANs 
beyond  small  pockets. 

Clearly  missing  is  the  ability  for  network  managers  to  capture  802.1 1  packets  out  of  the 
air  and  process  those  packets  centrally  This  is  essential  to  troubleshooting  wireless  LANs, 
monitoring  station-to-access  point  associations,  evaluating  traffic  flows,  load  balancing 
traffic,  automating  around  failures  or  changing  channel  and  coverage  settings  when  traf¬ 
fic  patterns  change.  Without  such  capabilities,  network  managers  cannot  build  and  man¬ 
age  large  wireless  infrastructures. 

But  new  wireless  LAN  switching  technology  has  emerged  to  give  network 
managers  a  centralized  model  and  the  tools  necessary  to  deploy,  scale  and 
secure  enterprise  wireless  LANs.  A  centralized  switch  in  the  wiring  closet  or 
data  center  controls  and  coordinates  access  points  that  provide  user  access 
and  air  monitoring.  All  changes  to  and  control  of  the  wireless  LAN  is  stream¬ 
lined  and  automated.  This  lowers  operational  management  costs,  solves  the 
security  upgrade  problem  and  radically  simplifies  deployment  —  leaving  users 
unplugged  but  well-connected. 


More  online! 


Log  on  to  Network  World  Fusion  to  voice  your  opin¬ 
ion.  Face-ofF  authors  Doug  Klein  and  Merwyn 
Andrade  will  add  their  thoughts  to  the  discussion. 
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Andrade  is  director  of  technology  at  Aruba  Wireless  Networks  and  is 
a  contributor  to  the  IEEE  802. 1  li  security  specification.  He  can  be 
reached  at  merv@arubanetworks.com. 
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Where  the  jobs  are 

Despite  the  economic  malaise,  there  are  still  pockets  of  industries  that  have  IT  openings. 


■  BY  LINDA  LEUNG 

Virginia  mortgage  investment  firm  Freddie  Mac  is  enjoying  rich 
pickings  in  its  ongoing  quest  to  expand  its  IT  workforce  as 
resumes  fly  in  from  IT  workers  laid  off  from  local  high-tech  firms 
such  as  AOLTime  Warner  and  WorldCom. 


In  mid-March,  Freddie  Mac  had  20  open¬ 
ings  in  its  IS  division,  as  compared  with  30 
IS  openings  at  any  given  time  in  2002  and 
60  in  2001.  However,  Freddie  Mac  as  a 
whole  receives  10,000  resumes  per  month, 
says  Bill  Ledman, senior  vice  president  of 
IS  and  services.The  company  employs 
about  1 ,000  IS  workers  and  attributes  its 
growth  to  the  refinancing  boom. 

“We  sit  in  the  Dulles  corridor  —  the 


second  quarter  of  2001.  However,  5%  said 
they  would  cut  their  workforces  in  the  sec¬ 
ond  quarter  of  2003  —  the  highest  per¬ 
centage  of  executives  since  the  second 
quarter  of  2001.  A  full  86%  of  executives 
planned  no  changes  in  hiring  activity 
Many  CIOs  are  keeping  hiring  plans  on 
hold  because  of  continued  economic 
uncertainty  says  Katherine  Spencer  Lee, 
executive  director  at  Robert  Half  Tech- 


The  majority  of  applicants 
are 

employe 

and  somewhat 


Mike  Barbee 

President  and  general  manager,  Wamnet  Government  Services 


heart  of  the  Internet.  Because  of  the  tech 
crash,  we  have  a  lot  more  people  to  pick 
from,”  Ledman  says. 

Michael  Erana,  CTO  at  Kvaerner  Phila¬ 
delphia  Shipyard,  received  200-plus  re¬ 
sumes  when  he  recently  advertised  a  CAD 
coordinator  position.”!  received  far  more 
than  I  could  go  through;  1  felt  bad,”  he  says. 
Now  he  relies  on  word  of  mouth. 

Erana’s  eight-person  IT  team  supports 
the  shipyards  1,500  employees, and  he  is 
looking  to  add  a  senior  Unix  administra¬ 
tor,  a  part-time  Web  developer  and  up  to 
three  desktop  support  specialists. 

According  to  a  recent  quarterly  hiring 
index,  firms  such  as  Freddie  Mac  and 
Kvaerner  are  in  the  minority  Of  the  1,400 
CIOs  polled  by  recruiter  Robert  Half 
Technology,  only  9%  planned  to  increase 
their  IT  workforces  in  the  second  quarter 
of  2003  —  the  lowest  percentage  since  the 


nology  However, “Many  of  our  clients  tell 
us  it’s  not  all  gloom  and  doom,” she  says. 
“They  will  spend  but  they  want  to  see  con¬ 
vincing  signs  of  economic  rebound.” 

Sixteen  percent  of  the  IT  executives  hir¬ 
ing  are  in  the  business  services  and  trans¬ 
portation  sectors,  while  only  1%  of  leaders 
from  the  same  sectors  planned  job  cuts. 
Managers  from  the  financial,  insurance 
and  real  estate  services  sector  followed 
closely  behind,  with  15%  saying  they 
would  hire,  compared  with  9%  of  their 
industry  colleagues  who  foresaw  a  drop  in 
workforce. 

Of  those  hiring,  54%  said  business 
growth  was  the  primary  driver  for  increas¬ 
ing  IT  staff,  followed  by  systems  upgrades 
at  16%.  More  than  one-fourth  of  CIOs 
(28%)  wanted  to  boost  their  help  desk/ 
end  user  support  departments,  while  23% 
wanted  to  increase  the  number  of  net¬ 


work  professionals.  Some  29%  of  CIOs 
from  the  professional  services  sector  — 
the  highest  number  of  CIOs  from  any  sec¬ 
tor  —  experienced  the  greatest  demand 
for  network  experts. 

One  industry  with  growing  staffing  needs 
is  the  military  IT  services  sector,  reflecting 
the  government’s  bid  to  beef  up  the  na¬ 
tion’s  security  BAE  Systems’  Information 
Systems  Sector  (ISS),  which  provides  IT 
systems  and  services  to  the  intelligence 
and  military  communities,  plans  to  hire 
between  500  and  700  technology  experts 
this  year;  while  network  services  provider 
Wamnet  Government  Services  is  searching 
for  500  IT  professionals  nationwide  in 
2003. 

Wamnet  is  a  subcontractor  to  EDS  for  its 
$6.9  billion  Navy  Marine  Corps  Intranet 
(NMCI)  contract,  and  420  of  those  new 
hires  will  work  on  that  project.The 
remaining  80  will  work  on  Wamnet’s 
other  government  contracts.There  are 
currently  1 70  openings  for  senior-, 
mid-  and  entry-level  network  execu¬ 
tives  for  the  NMCI  deal.  Wamnet 
expects  to  hire  80  people  per 
month,  peaking  with  200  job  offers 
in  the  summer. 

John  Heller,  a  senior  executive 
at  Wamnet,  says  the  company 
receives  between  20  and  100 
resumes  per  job  posting  from 
“some  very  qualified  people.” 

One-third  of  the  applicants 
are  people  who  already 
work  at  the  Navy  bases, 
either  for  the  Navy  or  other  contrac¬ 
tors,  and  others  are  candidates  who  have 
carrier-class  network  experience  from 
various  Baby  Bells  nationwide. 

Attracting  those  individuals  is  no  easier 
task  because  of  the  state  of  the  economy 
“The  majority  of  applicants  are  gainfully 
employed  and  somewhat  sought  after/ 
says  Mike  Barbee, Wamnet’s  president 
and  general  manager. 

John  Sebra, senior  director  of  human 
resources  at  BAE  Systems  ISS,  agrees.The 
firm  has  openings  for  software  and  sys¬ 
tems  engineers  but  finding  the  right  fit  is 
a  challenge  because  applicants  need  to 
pass  security  clearance  by  a  government 
agency  and  be  comfortable  working  in  a 
structured  environment.“There’s  a  great 


deal  of  competition  for  these  candidates,” 
he  says. 

Although  Kvaerner’s  Erana  says  the  mar¬ 
ket  for  job  hunters  in  Philadelphia  is  bru¬ 
tal,  attracting  and  retaining  talent  is  still 
tough. “There  is  a  flight  risk  of  the  people 
I’m  looking  for/ he  says,  adding  that  he’s 
not  rushing  to  find  the  right  fit. 

Erana  says  many  of  the  people  who 
were  laid  off  are  midlevel,  while  “the 
senior  guys  are  never  let  go.” 

“There  are  a  lot  of  people  out  there  from 
the  former  regional  Bell  operating  compa¬ 
nies,  but  they  have  tunnel-vision  skill  sets 
and  don’t  have  enough  enterprise  exper¬ 
tise,”  he  says.“They  can  configure  Cisco 
switches,  but  do  they  know  [quality  of  ser¬ 
vice,  voice  over  IP]  prioritization?”  ■ 


NPA  Awards 

Want  to  toot  your  own 
horn  for  some  recogni¬ 
tion?  The  Network 
Professional  Association 
is  seeking  entries  for  its 
second  annual  Awards  for 
Professionalism.  The 
awards  program  honors 
individuals  for  outstand¬ 
ing  achievements  within 
the  network  industry. 
Categories  include: 

1.  Best  Networking 
Professional  —  Career 
Achievement  Award 

2.  Most  Innovative  Networking 
Project  or  Implementation 
(five  subcategories): 

•  Corporate  Fortune  X. 

•  Corporate  small  business. 

•  Education. 

•  Government. 

•  Independent  network  contractor. 

But  act  quickly  —  the  deadline  is  April 
17.  Go  to  www.npa.org/awards 
for  entry  guidelines.  If  you  have  the 
right  stuff,  your  name  will  be  called  at 
an  awards  ceremony  April  29  at 
NetWorld+Interop  in  Las  Vegas. 
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Is  rack  space 

at  a  premium? 


The  RackView™  Advantage... 

The  RackView  offers  the  latest,  most  efficient  way  to  control  server  rooms  or  multiple  computers  and 
reduce  rack  space  consumption.  RackView  is  a  1 U  or  2U  rack  mountable  KVM  console  drawer  with 
optional  built-in  KVM  switch.  This  easy-glide,  KVM  console  drawer  contains  an  LCD  video  monitor, 
PS/2  tactile  keyboard  and  high  resolution  trackball. 


V 


Rose  Electronics  *  10707  Stancliff  Road  ■  Houston,  Texas  77099 


RackView™ 
fold-forward  design 


RackView™ 
fold-back  design 

♦  15".  17",  or  19”  TFT/LCD  monitor 

♦  Keyboard  has  gold-plated  key 
switches  with  lifetime  of 
20,000,000  key  presses 

♦  High  resolution  trackball 

♦  15"  up  to  1024  x  768  resolution 

♦  17"  and  19”  up  to  1280  x  1024 
resolution 

♦  Optional  integrated  KVM  switch 


♦  Minimum  rack  depth  requirement 

♦  15"  or  17”  TFT/LCD  monitor 

♦  Keyboard  has  gold-plated  key 
switches  with  lifetime  of 
20,000,000  key  presses 

♦  High  resolution  trackball 

♦  15"  up  to  1024  x  768  resolution 

♦  17"  up  to  1280  x  1024  resolution 

♦  Optional  integrated  KVM  switch 


RackView™  15”,  17”,  19” 
Monitor  Only 

♦  Fold  back  design 

♦  15”,  17”,  or  19"  TFT/LCD  monitor 

♦  15”  up  to  1024  x  768  resolution 

♦  17”  and  19"  up  to  1280  x  1024 
resolution 

♦  Front  panel  conceals  unit  when 
not  in  use 


fe  RackView™  15",  17",  or  19" 

Rack  mount  flat  panel  monitor, 
keyboard,  and  trackball  with 
^optional  integrated  KVM  switch 


When  you  need  to  use  it,  just  slide  it  out  and  tilt  the  LCD  panel  up.  It's  especially  convenient  when  you 
have  to  access  computers  that  are  installed  in  racks  nearby.  When  you  are  finished  using  it,  simply 
slide  it  back  into  the  rack  and  the  front  panel  conceals  the  unit. 

You  have  a  choice  of  LCD  panel  sizes.  If  you  are  doing  occasional  server  work,  then  perhaps  the  1 5" 
model  is  the  one  best  suited.  For  higher  resolution  applications  or  extended  use,  the  1 7"  and  1 9" 
models  will  improve  your  productivity. 

For  the  ultimate  in  server  access,  the  RackView  single  or  multiple  user  switch  option  offers  a  choice  of 
several  KVM  switches  to  allow  one,  two  or  four  users  access  to  their  servers.  The  switch  and  rack 
drawer  can  fit  into  1 U  of  space  for  maximum  space  savings. 


Rack  mountable 
keyboard  only 


♦  Easy-glide  design  fits 
in  1 U  space 

♦  Keyboard  uses  gold-plated 
key  switches  with  lifetime  of 
20,000,000  key  presses 

♦  18  mm  key  spacing  for  typing 
in  comfort 

♦  High  resolution  trackball 


USA  toll  free  800  333  9343 
ROSE  US  281  933  7673 
ROSE  Europe  +44  (0)  1264  850574 
ROSE  Asia  +65  6559  3750 

WWW.ROSE.COM 
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ELECTRONICS 


There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


OBSERVER 


OBSERVER 


OBSERVER 

suit  e 


Quickly  Pinpoint,  Pre-salve  & 
Prevent  Network  Problems 


0b^-v-r  txpert  Observer 

rf!£8  Observer  Suite 

$28g5  $3g95 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows ®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 

provides  Expert  information  in  plain  English. 

* 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


NilWORIf 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 

©2002  Network  Instruments,  LLC.  Observer,  “Network  Instruments”  and  the  “N  with  a  dot”  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 
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With  Cyclades,  the  only  thing 
missed  at  your  data  center... 


Cyclades  Console  Servers 


Feature 

Benefit 

Remote  Access 

PCMCIA  supporting  modem,  ISDN, 

GSM,  Wireless  LAN 

Security 

SSH  vl  &  v2,  LDAP,  Kerberos,  TACACS+, 

RADIUS,  Secure  ID 

Dual  Power  Supply 
(AC  &  DC) 

High  availability  when  power  fails 

Dual  Ethernet 

PCMCIA  supporting  additional  ethernet 
for  redundancy  ■  ■■  ' 

Port  Density 

1,4,8,16,32  or  48  ports  in  1U  rack  space 

“  Best  Hardware  for  Linux" 
since  1995. 


Our  console  servers  give  you  all  the  freedom 
you  need  to  manage  your  networks  and  servers 
anytime,  anywhere. 

Which  is  why  Cyclades  sells  more  console  servers  than  anyone 
else  in  the  industry. 

The  Alter  Path”  ACS  offers  the  industry's  only  combination  of 
dual  power  supply  and  PCMCIA  slots  for  enhanced  redundancy 
and  functionality.  And  because  our  technology  is  based  on 
Open  Source  Software  (Linux),  you  benefit  from  innovative 
products  that  offer  flexibility,  ease  of  customization  and 
a  high  level  of  security. 

With  Cyclades  console  servers,  you  get  the  convenience  and 
security  you  need  to  access  and  manage  all  of  the  console  ports 
in  your  data  center  at  anytime,  from  anywhere  in  the  world  - 
even  when  the  network  is  down. 


eye  lades 


Everywhere  with  Linux" 


So  relax.  You  won't  miss  a  thing. 


www.cyclades.com/vo  •  sales@cyclades.com  •  1 .888. CYCLADES 

©2003  Cyclades  Corporation.  All  rights  reserved.  All  other  trademarks  and  product  images  are  property  of  their  respective  owners.  Product  information  sue*;*:  i 
to  change  without  notice.  Photo  By:  Andre  Perlstein  /  Getty  Images 


The  Hub  of  the  Hetwork  Buy 


Buy  •  Sell  •  Lease  •  Repair  •  New  •  Refurbished  •  Lfred 

www.wdpi.com  •  877.231.2451  •  cisco@wdpi.com 

121  Cheshire  Lane,  Minnetonka,  MN  55305  U.S.A. 


IntellaPatch  32-  64- 
and  144-Port  Physical  Layer 
Switches  for  Fibre  Channel, 
Ethernet  or  ATM/SONET 


IntellaPatch  16- 

and  32-Port  Physical  Layer 
Switches  (or  10/100/1000 
Ethernet 


H! 


TestDrive  Fibre  Channel 
Drive  supports  I  or  2Gb/s 
over  Fiber  Optic  or  Copper 


QApcon 

Solutions  lor  Networks 


20,000  cable  pulls 
and  not  one  blister. 
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QApcon 
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You’re  losing  time  and  money  with  every  manual  cable  pull. 

The  IntellaPatch  Physical  Layer  Switch  automates  cable  pulls 
and  improves  repeatability.  Each  simulation  is  just  like  the  last 

Applications  also  include  remote  lab  configuration,  and  analyzer 
and  intrusion  detection  insertion.  IkieuaPaioi  switches  support 
Fibre  Channel,  Ethernet  or  ATM/SONET. 

With  IntellaPatch  switches,  you  save  time  and  money,  and  avoid 
the  pitfalls  of  manual  labor  -  like  blisters. 

Call  toll-free  at  800-624-6808 
or  visit  online  at  www.apcon.com 

Log  on  to  download  our  whitepaper:  Maximizing  Your  Test  Investment 


INTELLAPATCH  32-Port  Physical  Layer  Switch 
for  Fibre  Channel,  Ethernet,  or  ATM/SONET 
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ESP  Family  of  Serial  Hubs 

Connect  serial  ports  at  the  point  of  need  and 
eliminate  cabling  nightmares.  ESP  Multi -Interface 
models  support  RS-232,  RS-422  and  RS-485 
serial  protocols  for  a  wide  range  of  applications. 


NEW!  ESP-2  Ml 


-ft 


ESP-2  Ml  Serial  Hub 

The  ESP-2  Ml  is  a  compact  Multi-Interface,  2-port 
serial  hub  that  provides  versatile  RS-232,  RS-422 
and  RS-485  support  for  industrial/manufacturing 
and  commercial  applications. 


Call  today  for  a  FREE  30-day  product  evaluation:  1-800-275-3500,  Ext.  615  or  954-746-9000,  Ext.  615 
Email;  s?ies@equinox.com  -  intlsales@equinox.com.  For  more  information  visit  www.equinox.com 
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Connect  with  ease! 

RS-232,  RS-422  &  RS-485  serial  connectivity  for  a  wide  variety  of  applications 


Medical 

monitoring 


Fire 

safety 


Modems 


Cash 

counters 


Barcode  scanners 


Cash 

drawers 


Redept 

printers 


Scales 


Serial  monitors 
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Web  Based  Power 


Yes,  you  can  Switch 
Power  over  the  Internet... 


Servers,  routers,  and  other  electronic 
equipment  sometimes  “lock-up,” 
often  requiring  a  service  call  to  a 
remote  site  just  to  flip  the  power 
switch  to  perform  a  simple  reboot... 

The  IPS-15  gives  you  the  ability  to 
perform  this  function  from  anywhere! 


Web  Browser  Access  for  Easy  Operation 
Telnet  and  Serial  Access 
Encrypted  Password  Security 
Expandable  to  Five  (5)  Individual  Outlets 
Each  Outlet  can  Switch  a  15  Amp  Load 
On  /  Off  /  Reboot  Switching 


jflWTI  -  Internet  Powei  Switch  Microsoft  Internet  t  xplo 
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INTERNET  POWER 


LOCATION:  IPS-15  Live  Demo  Unit 

Plug  Name 

Status 

On 

Off 

Boot 

1  Serverl 

WM 

r 

r 

r 

2  Server_2 

3  — 

4  ... 

[M2 

r 

r 

r 

5  - 

All 

... 

r 

r 

r 

Plugs 

Setup  |  Logout  j 

Refresh  | 

Apply 

Cancel  | 

$p| 

0  Internet 

A 

Expandable! 
Using  IPS  Satellite  Units... 


www.wti.com 


(800)  854-7226 


western  telematic  incorporated 

S  Sterling  •  Irvine  •  California  926  1  8-2  5  1  7 


"Keeping  the  Net.. .Working!" 
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COMPLETE  KVM  CONTROL  VIA  TCP/IP 


CONTROL  KEYBOARD.  VIDEO  AND  MOUSE  REGARDLESS  OF  LOCATION 

With  the  Kaveman  networking  device,  you  can  remotely  control  servers,  either  over 
the  Internet  or  a  local  network,  down  to  the  BIOS  level. 

ACCESS  SERVERS  USING  A  WEB  BROWSER  OR  VNC 

All  you  need  to  operate  Kaveman  is  a  web  browser  or  VNC  on  the  remote  client.  No 
additional  software  is  required.  And  no  software/users  licenses  help  keep  your  costs 
down. 

REMOTB_Y  CONTROL  POWER 

Through  the  user-friendly  Kaveman  GUI,  you  can  control  the  power  of  up  to  eight 
devices. 


Available  in  single  and  eight  channel  versions 


AUTOMATICALLY  MONITOR  SERVER  ACTTVTTY 

Kaveman  automatically  monitors  critical  server  vitals  such  as  power,  video,  and 
keyboard  response;  it  alerts  you  to  crashes  and  enables  you  to  quickly  respond  :  ; 
problems. 


The  Engine  of  Innovation 


www.digitalv6.com 
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SERVER 


SERVER 


SERVER 


SERVER 


SERVER 


SERVER 


SERVER 
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True  Zero  U  Power 
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Management  Over  IP 


SERVER 


r —  — ^ 

jo/ioo  BaseT  Ethernet 

IP  for  HTML.  SNMP  & 

i  Telnet  Management 

L _ _ _ A 

RS-232 

Serial  Management 


Link  Port 
(daisy  chains  to) 

Expansion  Module 


Power  Tower  XL 

•  Outlet  Grouping  across 
power  circuits 

•  Input  Current  Monitor 

•  New  HTML  GUI 

•  Power-up  Sequencing 

•  Zero  U  vertical  and  Rack- 
mount  horizontal  models 

•  Add  a  second  Power  Tower 
to  manage  32  power-ports 


f  Sentry  Power  Tower. 
Equipment  Cabinet  Solutions. 


Server  Technology,  Inc. 

•1040  Sandhill  Drive  Reno,  Nevada  89511  USA 
web:  www.servertech.com  toll  free:  1.800.835.1515 


,l.g.f  —  — ,  . _ WJ-  Instantly  Search 

HldcdlXII  Gigabytes  of  Text 


♦  Search  across  networks,  intranets,  and  web  sites 

♦  Publish  large  document  collections  to  web  or  CD/DVD 


earch 


Search! 


dtSearchl 


Network 

Bfrom  $800 


"Superb ...  a  multitude 
of  high-end  features" 

—PC  Magazine 

"Very  powerful ...  a  staggering 
number  of  ways  to  search" 
—Windows  Magazine 

"Tremendously  powerful  and 
capable"  —Visual  Developer 


"Intuitive  and  austere  ...  a 
superb  search  tool"  —PC  World 

"A  powerful  text  mining 
engine ...  effective  because 
of  the  level  of  intelligence 
it  displays"  —PC  Al 

"Searches  at  blazing  speeds" 
—Computer  Reseller  News 
Test  Center 


In  the  past  year  alone,  over 
half  of  the  current  Fortune  10 
have  purchased  developer  or 
network  licenses. 


Features: 

♦over  two  dozen  indexed,  unindexed 
fielded  and  full-text  search  options 

♦highlights  hits  in  HTML  and  PDF 
while  displaying  embedded 
links,  formatting 
and  ffuFFTia 

♦converts  other  file 
types— word 
processor,  database, 
spreadsheet,  email,  ZIP, 

XML,  Unicode,  etc— to 
HTML  for  display  with 
highlighted  hits 

♦  developer  products  have  eas< 
wizard-based  setup;  optional 

See  www.dtsearch.com 

♦  developer  case  studies 

♦  fully-functional  evaluations 

1  -800-IT-FINDS 

sales@dtsearch.com 
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Text  Retrieval 
Engine 

♦  from  $ 999 


Web 


$999  per 


Industrial-strength 


M.tq.ir.ne 


superb 


_  j1 

$2,500 
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products 


Industrial-strength  ~ 
Superb'-PC  Magaar* 


Desktop 

♦  $199 


for 


*  y  j"|ndustrial-5trength .. 
.  I  superb"-PC  Magazine 


The  Smart  Choice  for 
Text  Retrieval3  since  1991 
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Contact  these  companies  today  to  help  you  with  your  training  needs! 


McasureUp 

(678)  356-5000 
I  www.measureup.com 
Certification  Practice  Tests 


Learnkey,  Inc.  ^ 

(800)  865-0165 
I  www.learnkey.com 
Self-paced  online  CD  network 
certification  developer  bus/apps 


I  Transcender 

(615)  726-8779 
I  www.transcender.com 
Award-winning  practice  exams 
I  for  IT  certification . 

CBT  Nuggets 

(888)  507-6283  &  (54 1)  284-5522 
|  ww.cbtnuggets.com 
inexpensive  training  videos  on  CD. 
MCSE,  MCDBA,  MCSD,  Cisco  CCNA,  Linux,  A+,  Net+ 


■Pexpert,  Inc. 

(866)  225-8064 
|  ww.ipexpert.net 
CCIE  (R&S,  SEC,  and  C&S),  CCSP, 

CCNP,  CCNA,  and  IP  TELEPHONY 

io  low/  ijjiijj  j  W  in 
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NetSmart  Learning  Partner 


The  Hub  of  the  Network  Buy 


iruMi 

See  the  entire  Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Leather  goods.  Gifts 
Pens.  Clocks. 
Lighters.  Games 

www.suitcase.com 


NEW 
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AUTHORIZED  RESELLER 
Access/Routers/Switches 
Cisco  Livingston  Ascend 
3Com  US  Robotics  Kentrox 
Adtran  BayNetworks  Xyplex 
Computone  Digital  Link 
Modems  /  DSU  /  Muxes 
IBM  UDS  Codex  Hayes  GDC 
Micom  Microcom  Paradyne 
ATT  MultiTech  Penril 
Racal  Telebit  Zoom 


WE  BUY  AND  SELL 
www.wrca.net 
800-699-9722 


One -Year  Warranty 


►  Largest  warehouse  of  used  Cisco 

►  Highest  quality  and  lowest  prices 

►  Over  5000  satisfied  customers 


Call  or  email  for  a  fast  quote. 


800.439.8558 


sales@digitalwarehouse .  com 


digitaiwarehouse.com 


We  Buy  &  Sell 

USED 

CISCO 

Juniper 

Extreme 

800.451.3407 

Since  1985 

50-90%  Savings 
Fully  Guaranteed 
Overnight  Delivery 

etworkhardware.com 


SERVER  ROOM 

Temperature 

Sensors 
pirwuv.'wiim  *129" 

Multiple  Models  Including: 


THL-100 

(Battery  powered) 

THL-100  AC/DC 

(Continuous  monitoring) 

THL-100  AC/DC  Plus 

(Emaii  alarms) 


►  Records  Temperature,  Humidity  &  Light 

►  Time  Stamped  Data  for  Detailed  Analysis 

►  Windows-based  SmartSensor  Software 
•  Data  or  graphical  view 

•Easily  exports  to  common  spreadsheet 
software 


Toll  Free  1-866-442-7767 
www.smartronix.com/products 


ph:  +1  401 

OptimumDatalnc.  ^ox  +  ^  ^ 

www.optimumdata.com 


toll  free  800  879  8795 
ph:  +  /  402  575  3000 
fox:  +7  402575  2011 
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1 20  Day  v^acrarffy 

Cisco  •  Paradyne  •  ADTRAN  •  Sun  •  Extreme  Networks 


You've 
Got  Mail! 

Security  Problems? 


C^SECUREMATiCS' 


Authorized  Distributor 


Call  1-888-746-6700 


www.securematics.com 


ENTERPRISE 

Managed  SSL 


128  bit  -  Fully  Vetted 
99%  Browser  Coverage 

Central  Management  Real-Time  Deployment 

$43 

Enterprise  Discounts 
Enterprise  Sales  Group 
401-293-0119 

COMO  DO 

www.comodogroup.com 


For  more  information  on 
advertising 
in  the  Marketplace, 
STOP  everything,  and 
call  now! 

800-6221108  ext. 6465 


m  itgpj 

Advertise  in  the 
Marketplace  and  watch 
your  sales  come 
pouring  hi! 


Call  Direct  Response 
Advertising 
1-800-622-1108 


Cisco  Stums 


Truckload 

S 


NORTEL 

NETWORKS 


8  tass  #b»x. 


Networks 


Fax  Equipment  List  To  801-377-0078 


888-8LANWAN 


Call  for  Free  Quote!  (888-852-6926) 


Also  Available:  Wellfleet,  Bay,  Fore, 
Xylogics,  Livingston,  &  Ascend 

In  Stock  •  Fast  Delivery  •  No  Expedite  Charges 


COMSTAR,  INC. 

The  #1  Network  Remarketer 

952*835*5502 

Fax  952*835*1927  E-Mall:sales@comstarinc  com 
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Temperature 
Humidity 
Air  Flow 
Light  Level 
Doors  Open 
Camera  Optional 


Weather 

Duck 
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512.507.3428 


E-mail  alerts. 

Web,  Excel",  SNMP  Software 


v!fwr«y.BfWcs{l@l8®®g8.«@asi 
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Versa  Tables 

Factory  Direct  Prices 
Lifetime  Werrenty  made  In  USA 


310-973-0364  www.veraidlreot.com 


Buy,  Sell  or 

Announce  ***» 
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Network 
Products 

and  Services  with 
Network  World's  -1 
Marketplace 
Call  800-622-1 10G 
ext.  6507 
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IT  CAREERS 


it  careers.com 


technology  reaching  for 


Canon  U  S  A.,  Inc.  is  an  industry  leader  in  professional  and  consumer  imaging  solutions  and, 
through  its  parent  company,  Canon  Inc.,  is  a  top  patent-holder  of  imaging  technologies.  We 
currently  have  exceptional  opportunities  at  our  Lake  Success  headquarters. 

SYSTEMS  &  TECHNICAL  SUPPORT  DIVISION 

Our  Division  is  the  perfect  environment  to  allow  your  technical  juices  to  flow  and,  in  turn,  be 
applied  toward  the  betterment  of  our  business  products.  What's  more,  you’ll  be  surrounded  by 
others  who  share  your  passion.  A  team  of  professionals  who  are  eager  to  exchange  ideas  and 
driven  to  put  them  into  action. 

Manager,  Technology  Systems 

This  position  is  responsible  for  managing  and  maintaining  Canon's  technical  support  system's 
infrastructure,  which  includes  CRM  systems,  Knowledge  base,  Learning  Management  (LMS),  and 
Web  Services.  This  role  has  three  main  aspects:  technical  architecture  planning,  implementation 
and  support  services.  The  ideal  candidate  understands  hard-core  technology,  application 
development  and  platform  issues,  yet  has  the  interpersonal  skills  and  broad  business  acumen  to 
work  well  with  internal  clients  and  external  consultants,  understanding  the  strategic  business 
focus  of  each  project. 

We  require  minimum  5-7  years  experience  in  a  technology  driven  environment,  a  Bachelor's 
degree,  excellent  communication  skills  and  a  keen  understanding  of  web  application  technolo¬ 
gies.  Remedy  Action  Request  (AR)  System  Implementation  and  deployment  experience  a  big  plus. 

Manager  of  Service  Business 
Operation  and  Administration 

We  seek  a  dynamic,  strategic  leader  for  a  newly  created  position  directing  the  specific  activities  of 
our  Imaging  Systems  Office  Equipment  Service  &  Support  area.  In  this  position,  you  will  work 
closely  with  office  equipment  dealers  in  measuring  machine  performance  and  overall  service 
effectiveness.  Using  project  management  skills,  you  will  help  enhance  communication  and  dealer 
recognition  programs  aimed  at  improving  end  customer  satisfaction  with  Canon  brand  copiers. 

You  will  need  a  Bachelor's  degree  and  4-6  years  of  experience  in  office  equipment  service 
operations.  Proven  leadership  ability  and  proficiency  with  Microsoft  Office  also  required. 

Manager,  Engineering  Services 

Providing  a  key  leadership  role  for  planning,  managing,  and  administrating  the  Hardware 
Engineering  functions  for  digital  printing  high-end  product  lines,  you  will  lead  a  team  of 
technical  engineers  in  pursuit  of  delivering  customer  support  for  Canon's  world  class  printing 
products.  In  addition,  you  will  direct  the  support  team  to  perform  product  evaluations,  resolve 
challenging  customer  issues  and  create  and  distribute  technical  product  information. 

We  require  a  Bachelor's  degree,  minimum  5  years  office  equipment  service  support  experience 
in  a  supervisory  position,  excellent  communication  skills  and  a  technical  aptitude  in  office 
equipment.  An  understanding  of  High-End  Customer  (CRD,  Data  Center)  document  workflow 
and  applications  is  essential. 

Canon  U.S.A  offers  a  competitive  salary,  outstanding  benefits  package,  profit  sharing,  a  401k 
plan  and  exceptional  opportunities  for  growth.  Please  apply  online  @  www.usa.canon.com, 
clicking  on  CAREERS.  An  Equal  Opportunity  Employer. 


Canon 


TadSoft,  Inc.  is  looking  for  a 
Software  Engineer/Web  Developer 
responsible  for  analyzing  user 
requirements  and  designing  web 
based  (inlemet/intranet)  systems; 
coding  of  these  systems  using 
Microsoft's  ASP/CGI  technologies 
on  the  server  side  and  using  Java 
Scripting  on  the  client  side  for 
Internet  Explorer/Netscape  Navi¬ 
gator  browsers;  interfacing  relation¬ 
al  databases  on  the  server  is  a 
major  component  of  the  server  side 
coding.  These  databases  include 
but  not  limited  to  Sybase/IBM  DB2; 
batch  coding  using  Microsoft's  VB 
Script  and  Java  and  installation  of 
these  batch  programs  in  the  sys¬ 
tem;  data  migration  between  differ¬ 
ent  database  platforms  and/or 
external  vendor  systems  and  data 
loading  using  the  above  mentioned 
technologies  A  bachelor  s  degree 
in  Engineenng  is  required  Salary 
$66K.  Submit  2  copies  of  resume 
to  Job  Order#  2003-181.  P.0  Box 
989.  Concord.  NH  03302-0989 


Analyst/Project  Programmer 

The  Medical  College  of  Wisconsin 
is  seeking  Analyst/Project  Pro¬ 
grammers  for  its  Bioinformatics 
Research  Center.  The  Analyst/ 
Project  Programmer  is  responsible 
for  working  with  project  scientists 
and  other  project  collaborators  to 
design,  develop,  implement,  and 
provide  maintenance  support  for 
web  database  applications  for  bio¬ 
logical  and  medical  scientific 
research.  Qualified  candidates 
must  possess  a  Master's  degree  in 
Mathematics  or  Computer  Science 
(with  a  background  in  biological  sci¬ 
ence).  or  Biological  Science  (with  a 
strong  background  in  computers). 
Interested  applicants  please  pro¬ 
vide  a  resume  and  a  cover  letter 
with  salary  requirements  to: 

Employment  Office  -  JMC0402 
Medical  College  of  Wisconsin 
8701  Watertown  Plank  Rd 
Milwaukee.  Wl  53226 
Fax;  (414)  456-6502 

EOE  M/F/D/V 


Software  Engineer  -  Responsible 
for  design  &  development  of  the 
company’s  Business  Process 
Manager  product;  specific  duties 
incl:  maintain  system/application 
software;  design  &  develop  applica¬ 
tions  using  Object  Oriented  &  XML- 
based  technologies  &  specifica¬ 
tions,  Enterprise  Application 
Integration  (Al),  &  Web  based  tech¬ 
nologies;  develop  &  extend  ad¬ 
vanced  complex  software  system  in 
a  reliable  &  modular  fashion  using 
Java  and  XML  based  technologies. 
BS  in  Computer  Science  and  2  yrs. 
of  software  engineenng  experience 
using  Java  (J2EE).  XML-based 
technologies.  Web  based  technolo¬ 
gies  (HTTP,  SMTP.  POP3);  profi¬ 
ciency  w/  Web  Security  Protocols 
(SSL);  &  ability  to  work  on  Unix 
environment  &  Clearcase  40 
hours/week;  Salary:  $90,000/yr 
Send  two  resumes  to  Case 
#200115822  Labor  Exchange 
Office,  19  Staniford  St  1st  FI. 
Boston,  MA  02114 


SENIOR  PROGRAMMER/ 
ANALYSTS 

MARA  CONSULTING,  INC.,  a 
California-based  Corporation,  has 
immediate  openings  for  Senior 
Programmer/Analysts  with  at  least 
five  years'  experience  in  Natural/ 
ADABAS/Programming  who  have 
worked  on  IBM  mainframe  plat¬ 
forms  utilizing  MVS/XA  ESA  and 
OS/390  Operating  Systems.  Appli¬ 
cants  must  also  have  at  least  four 
years  of  formal  academic  training  in 
computer  data  processing,  Compu¬ 
ter  Science  or  a  related  field  culmi¬ 
nating  in  government  diplomas  or  a 
Bachelor's  Degree.  Must  be  willing 
to  travel  from  the  Sacramento. 
California  area  to  temporary  work 
sites  throughout  the  United  States 
to  be  paid,  at  least,  the  prevailing 
wage  in  that  area.  Employees  will 
remain  employed  by  MARA  CON¬ 
SULTING,  INC.,  (www.maracon 
sultina.coml  with  continuing  bene¬ 
fits.  Send  your  resume  with  current 
address  and  telephone  number  to 
MARA  CONSULTING.  INC.,  8577 
Almond  Bluff  Court,  Orangevale. 
CA  95662  or  email  to 
maracons@Dacbell.net.  EOE 


Full-time  Technical  Project  Mana¬ 
ger.  Multiple  Openings  Manage  the 
design,  development  and  imple¬ 
mentation  of  business  software 
solutions  for  client  companies,  uti¬ 
lizing  expertise  in  Microsoft  tech¬ 
nologies,  including  Microsoft  NET, 
UML,  and  Rational  Rose;  position 
requires  extensive  technical  men¬ 
toring  of  systems  analysts,  busi¬ 
ness  analysts  and  client  end  users. 
Must  have  five  years  Microsoft 
development  experience,  including 
at  least  2  years  of  Enterprise  .NET 
project  development.  MCPT  Re¬ 
quired.  Must  be  willing  to  travel  to 
client  sites  M-F,  and  have  proof  of 
legal  authority  to  work  in  the  United 
States.  If  interested,  submit  resume 
to:  Jennifer  Allen,  Extreme  Logic, 
Inc.,  Two  Concourse  Parkway. 
Suite  500,  Atlanta,  GA  30328. 


Operations  Research  Analyst. 
8a-5p,  40  hrs/wk.  Analyze  oper¬ 
ational  data,  formulate  &  apply 
mathematical  models  to  dvlp 
decision  support  s/ware  for 
streamlining  operations;  provide 
logistics  report;  implement,  test, 
maintain  program  using  Visual 
Basic,  MS-Access,  SQL,  Crystal 
Report  &  Windows  NT.  Bach¬ 
elors  or  equivalent  degree  in 
Mathematics,  Statistics,  Opera¬ 
tions  Research,  Information 
Systems,  Computer  Science  or 
Engineering  or  related  field. 
Send  resume  to:  Ramji-Krupa, 
Inc.  dba  Days  Inn,  5701 
Baltimore  National  Pike, 
Baltimore,  MD  21228. 


Project  Manager  -  IT  wanted  by 
Producer  of  Vitamins  &  Fine 
Chemicals  in  Parsippany,  NJ. 
Must  have  Bachelor's  degree  or 
foreign  equiv.  degree  in  a  quanti¬ 
tative,  business  or  other  technical 
discipline  and  8  yrs.  exp.  in  job 
offered  or  IT  experience.  Experi¬ 
ence  must  include  3  yrs.  of  SAP 
experience  in  Materials  Manage¬ 
ment  and  Production  Planning, 
experience  with  Materials  Re¬ 
quirements  Planning  (MRP),  and 
experience  with  vitamin  blends 
formulation.  Respond  to  Roche 
Vitamins  Inc.,  Attn.  Human 
Resources,  Dept,  code  WHR,  45 
Waterview  Blvd..  Parsippany,  NJ 
07054-1298;  fax:  (973)  257-8419; 
or  e-mail:  parsippany.human_ 
resources@roche.com. 


Quantitative  Analyst  wanted 
by  Manhattan  Securities 
Clearing  Firm  to  conduct 
risk  analyses  and  modeling 
projects.  Must  have  2  yrs. 
exp.  with  database  adminis¬ 
tration/application  design  & 
C++  programming.  A  Mas¬ 
ter's  degree  (or  completion 
of  all  Master's  coursework) 
in  Financial  Engineering  or 
in  a  related  field  is  required. 
Fax  resumes  to  HR  Dept., 
DTCC  (212)  855-5802. 

Refer  to  Job  #807 1 . 


Glovia  Int'l,  El  Segundo.  CA 
Business  Development 
Manager  (Supply  Chain) 

Associate's  (or  equiv.)  +8  yrs 
progressive  exp.  in  Supply 
Chain  &  ERP  solutions,  pre¬ 
sales  consulting,  IT  technical  & 
business  infrastructure  &  ProlV 
programming.  Function  as  rec¬ 
ognized  leader  in  Supply  Chain 
Solutions  by  develop  staff/exe¬ 
cute  team  programs;  develop 
customer  relationships;  manage 
business  systems  &  contribute 
to  develop  of  intellectual  capital. 
Requires  80%  domestic/int'l 
travel.  Manage  staff  in  delivery 
of  pre-sales  consulting  services 
in  Supply  Chain  &  ERP  software 
solutions  w/  responsibility  for 
budgets  of  $1.5M.  Develop 
business  strategy  to  expand 
customer  involvement  with  com¬ 
pany's  vertical  market-specific 
discrete  mfg.  applications  using 
ProlV.  Resume  to: 
HR2@glovia.com  in  MS  Word 
format. 


Computer  -  Programmer 
Analysts  needed.  Seeking 
qual.  candidates  possess¬ 
ing  MS  or  equiv.  and/or  rel. 
work  exp.  Rel.  exp.  must 
include  2  yrs.  working  with 
Java,  Oracle  &  Weblogic. 
Work  with  3  of  the  follow¬ 
ing:  Oracle,  Weblogic, 
Java,  Websphere,  Rational 
Rose,  Sybase  and  XML. 
Fwd.  resume  &  ref.  to 
Enterprise  People,  Inc. 
Attn:  HR,  109  Mayfair  Dr., 
Boxborough,  MA  01719. 


Process  Engineer  (multiple  posi¬ 
tions):  Develop  and  support  the 
engineering  functions  of  the  wafer 
fabrication  area.  Develop  process 
of  ion  implantation  in  SiC  mono- 
crystalline  substrates,  definition  of 
process,  training  and  certification 
of  operators,  qualification  of  pro¬ 
cess,  process  control  measure¬ 
ments,  tolling  selection  and  pro¬ 
curement,  and  leading  cost  reduc¬ 
tion  and  process  control  efforts. 
Bachelors  degree  in  Electoronic 
Engineering  and  2  years  prior 
experience  required.  $80,000/yr. 
Send  resumes  to:  Cree,  Inc.,  4600 
Silicon  Drive,  Durham,  NC  27703. 
(attn:  HR)  EOE/M/F/H/V.  No  phone 
calls  please. 


Quality  Control  Engineer/ 
Localization  Specialist  need¬ 
ed.  Seeking  candid,  poss. 
MS/BS  or  equiv.  &/or  rel.  work 
exp.  6  mos.  of  the  req.  rel. 
exp.  must  incl.  documenting 
Quality  Assurance  processes. 
Duties  include:  design  and 
maintain  automated  &  perfor¬ 
mance  tests  and  draft  detailed 
test  plans,  specifications, 
strategies  &  estimates.  Mail 
res.  and  ref.  to  Centra 
Software,  Inc.,  430  Bedford 
St.,  Lexington,  MA  02420, 
ATTN;  HR  req.  #36 


S/W  Engineers  to  analyze,  design, 
develop,  maintain  business  appls 
using  Java,  XML,  JavaScript. 
HTML.  DHTML,  XML.  COM/ 
DCOM.  PLSQL,  Oracle,  etc  on 
Windows  OS;  analyze  business 
processes  to  determine  client  reqs; 
maintain  documents/program 
specs;  create  appl  prototypes  for 
client  approval;  perform  research, 
analysis,  testing  of  new/existing 
technologies  Require:  Masters  or 
foreign  equiv  in  CS/Engg/Physical 
Science/Business  discipline  with 
lyr  exp  in  IT.  High  salary.  Travel 
involved  Resumes  to:  HR.  Synergy 
Amenca.  1565  Woodington  Circle. 
Suite  101.  Lawrenceville,  GA 
30044. 


Senior  Software  Engineer  Lead, 
model,  analyze,  design  and  devel¬ 
op  applications  using  Multi-Tier 
Client/server  internet,  intranet,  e- 
commerce  solutions  and  technolo¬ 
gies  and  object-oriented  methodol¬ 
ogy  including  Java.  MSAccess  and 
XML/XSL.  Must  have  Bachelor  of 
Engineering  in  Comp  Sci..  Eng,  or 
related  Field  and  5  years  of  expen- 
ence  in  software  development. 
Knowledge  of  Multi-Tier  Client/ 
Server  applications  in-cluding  Java. 
MSAccess  and  XML/XSL  40hrs/ 
wk  (9:00  a  m.  to  5:00  p.m  ); 
$1 00.000. 00/yr.  Send  two  resumes 
/responses  to:  Case  Number 
200115555.  Labor  Exchange 
Office.  19  Staniford  Street.  1st 
Floor.  Boston.  MA  02114. 


Software  Developer  for 

text  analysis  and  develop¬ 
ment  of  programs  in  many 
languages  esp.  Korean  + 
development  of  categoriza¬ 
tion  extraction  and  email 
alerts  software.  Reqs: 
Masters  +  0  experience  or 
Bachelors  +  2  years  experi¬ 
ence.  Fluency  in  Korean. 
Send  resume  to:  Teragram, 
236  Huntington  Ave.  #302, 
Boston,  MA  02115,  Attn: 
Yves  Schabes.  NO  CALLS. 


Software  Developer:  plan,  devel¬ 
op,  test  and  document  computer 
programs;  evaluate  users'  request 
for  new  or  modified  program;  con¬ 
sult  with  users  to  identify  and  clar¬ 
ify  program  objectives;  analyze, 
review,  and  alter  program  to 
increase  operating  efficiency  or 
adapt  to  new  requirements;  and 
assist  users  to  solve  operating 
problems.  Req.  BS  in  CS  or  relat¬ 
ed  field  plus  10  months  exp.  in  job 
offered  or  as  Programmer.  Must 
be  proficient  in  J2EE,  Unix/ 
Solaris,  UNIFY,  VoiceXML  and 
Multi-threading.  40hr/wk,  9-5. 
Contact  Donnelly  Communication, 
Inc.  at  1776  Peachtree  St.,  Suite 
200,  Atlanta,  GA  30309. 


Technical  Consultant  (Programmer 
Analyst)  -  Will  provide  database 
implementation,  configuration  & 
customization  under  Windows 
2000  &  SQL  server  environ.;  de¬ 
sign,  develop  &  customize  applica¬ 
tions  &  systems  as  per  customer's 
needs  &  requirements;  implement 
solutions  using  ONYX  software  & 
web  based  CRM  systems  and  other 
cutting  edge  technologies.  Master's 
in  Comp.  Sci.,  Engin.,  Math  or  relat¬ 
ed  field  &  knowledge  of  RDBMS. 
SQL.  programming  web  applica¬ 
tions  &  virtual  office  implementa¬ 
tions.  40  hours/week;  Salary: 
$68,450/yr.  Send  two  resumes  to 
Case  #200116087,  Labor 
Exchange  Office.  19  Staniford  St 
1st  FI,  Boston  MA  02114 


Systems  Analyst  -  Uses 
systems  analysis  skills  to  ana¬ 
lyze  Latin  banking  systems  & 
business  req.  Designs,  dev.  & 
prog.  Software  for  integrated 
banking  systems  in  Latin 
America  Banks  &  financial 
institutions.  Works  w/  IBM, 
AS/400,  RPG,  ILE,  static  pro¬ 
gramming  w/  servlets.  De¬ 
signs  teller  attn  systems  incl. 
(Sarabank  Safe,  IBS  Branch) 
40  per  wk  9A-6R  3  yrs  req.  in 
job  offered.  Fax  resume  to 
Datapro,  Inc.  Attn:  William 
Montiel  (305)  929-4182. 
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Manager.  Software  Engineering 

Wave  Three  Software.  Inc.  is  a  pri¬ 
vately  held,  cutting-edge  engineer¬ 
ing  company  that  develops  and 
licenses  software  for  desktop  com¬ 
munication  and  collaboration.  We 
are  currently  looking  for  a  Manager 
of  Software  Engineenng  who  can 
lead  our  team  in  taking  the  existing 
product  suites  and  creating  the 
WolP  products  of  the  future 

The  successful  candidate  will  be 
hands-on  in  the  designing,  coding, 
testing  and  delivery  of  the  software 
products.  A  Bachelor's  degree  in 
Computer  Science  or  Computer 
Engineenng  or  working  equivalent, 
and  a  minimum  of  five  year's  expe¬ 
rience  creating  industry  leading 
audio/video  communications  soft¬ 
ware  is  required  Excellent  knowl¬ 
edge/experience  with  C/C++  pro¬ 
gramming,  object-onented  design, 
software  design  and  development 
tools,  software  optimization  and 
real-time  software  development  is 
required.  A  solid  foundation  and 
working  knowledge  of  audio  and 
video  encoding  and  decoding  algo¬ 
rithms  and  techniques  as  well  as 
exposure  to  multiple  platforms  and 
networking  concepts  (PC,  Mac. 
Unix,  TCP/IP)  is  required  Prior 
experience  with  developing  net¬ 
working  solutions  for  IP  and  tele¬ 
communication  signaling  and  data 
protocols  including  a  working 
knowledge  of  H.323.  ISDN,  ATM. 
SIP.  SDP,  RTP  Superior  wntten 
and  verbal  communication  skills 
are  also  necessary  A  proven  track 
record  of  leading  a  project  from 
beginning  to  end  is  a  must.  Pnor 
experience  working  in  a  shrink- 
wrapped  software  environment  is  a 
plus 

Only  qualified  candidates  are 
encouraged  to  e-mail  their  resumes 
in  Word  format,  to  resume@wave3 

software, com  eoe. 


Software  Engineers/ 

Programmer  Analysts 

(St.  Louis,  MO): 

C/C++  Development: 

Develop  syst.  communication  infra¬ 
structure,  implement  server  logs, 
develop  syst.mgmt.  appls.  using 
OOD  methodology,  C/C++,  Pro  C, 
V/C++,  VB,  SQL,  UNIX.  Oracle, 
Shell  Scripts,  UML,  TCP/IP,  and 
AIX. 

Java  Development: 

Develop  multi-tier  00  web-based 
info.  Syst.  on  J2EE  architecture  in 
both  NT  and  Unix  envir.  using 
C/C++,  Java,  VB,  EJB,  Servlets, 
Jbuilder,  Java  Beans,  JDBC,  JSP, 
XML,  SQL,  Oracle,  Websphere, 
and  UML. 

Network  Administration: 
Plan/program  network  and  web 
appls.  for  large  scale  LAN/WAN 
networks  in  UNIX/NT  envir.  using 
TCP/IP,  BGP/OSPF  protocols, 
Cisco  Internet  Router  (1000+), 
MPLS/VPN,  SNMP.  QOS.  Check¬ 
point,  VPN,  VoIP  and  Nokia 
Firewall;  analyze  complex  circuit  / 
networking  /  routing  issues;  direct 
network  testing  procedures. 

Require  BS/BA  or  the  equivalent  in 
Comp  Sc.,  Engr.  Math,  or  in  a 
closely  related  field. (will  accept 
equivalent  exp.)  plus  min.  2  yrs 
exp.  in  offered/related  position,  and 
must  be  able  to  perform  all  the 
duties  in  the  day  of  employment. 
Full  time  w /  competitive  salary. 
Resume  to  HR  NetEffects,  Inc.,  500 
Chesterfield  Ctr.,  Ste.350,  St. 
Louis,  MO  63017.  No  Call/EOE 


I71ET2S 

NET2S  is  a  leading  International  e- 
business,  information  technology, 
and  communication  infrastructure 
consulting  firm.  We  are  currently 
seeking  for  the  following  positions: 

•  Sr.  Tibco  (RV,  Hawk,  Ingetration 
Manager)  Developer 

•  IT  Risk  Mgmt  Security  Architect 

•  Sun  One  /  Siteminder  Architect 

•  Business  Objects  /  Cognos 
Developers 

•  NET  Architect 

All  positions  require  BS/MS  degree 
with  a  minimum  of  2  to  3  years  of 
experience  in  the  field.  Must  pos¬ 
sess  excellent  communication 
skills  as  well. 

NET2S.  82  Wall  Street,  Suite  400, 
New  York.  NY  10005;  Fax:  (212) 
279-1960.  Phone  (212)  279-6565,  or 
Email:  iobus-nv(g)net2s.com 


X 


Senior  Systems  Analyst  to  provide 
hardware  and  software  technical 
support  to  end  users  of  company’s 
retail  management  information  sys¬ 
tems.  Specific  responsibilities  in¬ 
clude:  Providing  system  engineer¬ 
ing,  architecture  .  administration  & 
support  for  Citrix  Metaframe  1.8  / 
Winframe  environment;  Leading 
engineering  team  for  Windows 
2000  implementation;  Providing  te¬ 
chnical  leadership  for  3rd  tier  Win¬ 
dows  2000/NT  technical  support; 
Researching  system  architecture 
and  making  recommendations  for 
server  infrastructure;  Consulting 
with  clients  on  technical  needs  and 
specification  development;  Coord¬ 
inating  &  providing  network  related 
support,  configuration,  optimization 
and  operation  support;  Testing,  re¬ 
searching  and  setting  up  applica¬ 
tions;  Developing  documentation 
for  automated  systems  and  proce¬ 
dures;  Providing  support  with  Net¬ 
work  Management  Software;  Pro¬ 
viding  training  to  end  users  in  soft¬ 
ware  and  systems  operations;  and 
Providing  backup  &  recovery  solu¬ 
tions  to  protect  Enterprise  data. 
Minimum  Requirements:  Bachel¬ 
or’s  degree  (or  equivalent)  in  Elec¬ 
tronics  &  Communication  Engineer¬ 
ing,  plus  2  years  experience  in  sys¬ 
tems  analysis  or  network  engineer¬ 
ing.  Must  be  able  to  perform  all  of 
the  following:  Design,  implementa¬ 
tion  &  administration  of  LAN/WAN 
networks;  Windows  2000/NT  sys¬ 
tem  architecture,  installation,  ad¬ 
ministration  &  troubleshooting;  Op¬ 
timization  &  troubleshooting  the 
network  environment;  Citrix  Meta- 
frame/Winframe  environment  de¬ 
sign,  installation,  administration  & 
troubleshooting;  Application/soft¬ 
ware  installation  &  troubleshooting; 
Providing  technical  support  for  data 
access  to  enable  data  retrieval  & 
manipulation;  Network  related  con¬ 
figuration  &  support;  and  Providing 
end  user  training  in  applications  & 
systems.  Must  be  knowledgeable  in 
data  backups  &  restores.  Salary: 
$58,850  for  5  day,  40  hour  week. 
Send  2  resumes  to  Case 
#200115344,  Labor  Exchange 
Office,  19  Staniford  St.,  Is*  Floor, 
Boston,  MA  02114. 


SOFTWARE  ENGINEER 
NEEDED 

Software  Engineer  is  responsible 
for  analyzing  system  require¬ 
ments  and  developing  technical 
specifications  for  computer  pro¬ 
grams  used  in  the  healthcare 
industry.  Must  consult  with  clients 
to  gather  information  about  pro¬ 
gram  objectives  and  functions, 
write  computer  code  and  user 
interfaces,  and  refine,  test  and 
debug  programs  as  necessary. 
Also  required  to  write  and  main¬ 
tain  documentation  to  describe 
program  developments,  logic, 
coding,  testing,  changes,  correc¬ 
tions,  installation  and  operating 
procedures.  Must  have  a  Bach¬ 
elor’s  degree  in  Computer  Sci¬ 
ence  and  four  years  of  progres¬ 
sive  experience  in  computer  pro¬ 
gramming,  systems  analysis,  or 
software  engineering.  Experi¬ 
ence  must  include:  Visual  Basic, 
Winsock,  Windows  Programming, 
Java2,  JAX,  Java  Threads,  Java 
Sockets.  JSP,  Servlets,  XML, 
Xerces,  Apache.  IIS,  Tomcat, 
database  concepts  (Oracle/SQL 
Server),  object  oriented  design 
and  programming  concepts  with 
UML.  Prevailing  wage  to  be  paid. 

Please  send  resume  to: 

Michael  Buda 
SIS  Acquisisitons,  LLC 
3650  Mansell  Rd.,  Suite  300, 
Alpharetta,  GA  30022 


Computer  Systems  Analyst  (mul¬ 
tiple  positions):  Designs,  devel¬ 
ops,  modifies,  debugs  and  evalu¬ 
ates  programs  for  use  in  internal 
systems  within  functional  areas. 
Analyzes  existing  programs  or 
formulates  logic  for  new  systems, 
devises  logic  procedures,  pre¬ 
pares  flow  charts,  performs  cod¬ 
ing  and  tests/debugs  programs. 
Prepare  and  obtain  approval  of 
system  and  programming  docu¬ 
mentation.  Four  years  of  prior 
exp.  required.  $75,000/yr.  Send 
resumes  to:  Cree,  Inc.,  4600 
Silicon  Drive.  Durham.  NC 
27703.  (attn:  HR)  EOE/M/F/H/V. 
No  phone  calls  please. 


DATA.  WIRELESS.  NETWORK 
YES,  YOU’RE  IN  THE 
RIGHT  NEIGHBORHOOD. 
WE  LIVE  WHERE  YOU  LIVE: 


What  can  a  company  like  State  Farm®  possibly  offer  in  the  way  of  I.T.?  Just  one 
of  the  nation’s  largest  computer  networks.  Computers  orld\ s  #2  best  place  to  work. 
And  a  wealth  of  l.T.  opportunities.  How  do  you  like  the  neighborhood  so  far? 


STATE  FARM  IS  THERE 


LIKE  A  GOOD  NEIGHBOR 


For  more  information,  visit  stalefarm.com'or  emailjobopps.corpsouth@statefarm.com. 


State  Farm  •  Home  Offices:  Bloomington,  Illinois  •  An  Equal  Opportunity  Employer 


Become  a  IHicrosoft  Windows  2000  Security  Expert. 

It's  easy.  Just  point,  dick  and  choose  the  format  that  works  best  for  you: 
•CD-ROm  •tUeb-Based  •Hands-On  *Uirtual  Classroom 

Uisit  netSmart  today  at  www.nwnetsmart.com 
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IT  CAREERS 


it  careers.com 


Software  Engineer 

Euro  Solutions  Group  dba 
e  Solutions  Group  seeks  Software 
Engirreer  -  Oraciu  Applications  in 
our  New  York.  NY  toe  Position 
involves  application  customizations 
♦  enhancements  for  business  solu¬ 
tions.  system  admin  &  trouble¬ 
shooting  Also  database  activities 
tod.  System  dev't  life  cycle,  data 
analysis  system  design  &  dev't. 
testing  *  implementation  Must 
have  Bachelors  In  Business. 
Computer  Sci.  or  related  field  and  3 
yrs  of  relevant  exp  Applicants  send 
resume  to  ^Solutions  Group,  H  R. 
Dept.  1103  Standing  Reed  PI, 
Wesley  Chapel.  FL  33543 


Software  Engineer:  Works  under 
the  supervision  of  sr.  mngmt.  To 
research/develop  image/graphics 
processing  software  related  to  the 
import/export  of  Macintosh/Win¬ 
dows  raster/vector  graphics  file  for¬ 
mats  using  Assembler/C/C++; 
design/implement  scientific  image 
processing/  image  processing  opti¬ 
mization  algorithms/  client  server 
software:  determine  design  time/ 
cost  feasibility:  evaluate  HW/SW 
interface/  system  operational/  perf. 
req's.;  develop/software  testing 
procedure/  programming/documen¬ 
tation.  Req  Bach,  in  Computer 
Engineering,  rel.  or  equiv.  and  1 
year  exp.  Resume  to  J.  Miranda. 
Deneba  Software  Inc.,  1150  N.W. 
72nd  Avenue,  Suite  180,  Miami, 
Florida  33126.  No  Calls. 


Sr.  Database  Admin.  Design, 
analyze,  test,  maintain  &  im¬ 
prove  logical  &  physical  data¬ 
bases.  Responsible  for  backup, 
recovery  &  tuning  of  databases. 
Calculate  optimum  values  for 
database  parameters  &  system 
analysis.  Use  Oracle.  SQL  serv¬ 
er,  &/or  related  skills.  Req  4  yrs 
exp  in  job/4  yrs  exp  as  Systems 
Analyst  &  Consultant  or  Asst. 
Syst.  Anal.  Or  Sr.  Programmer  & 
Programmer.  Jobsite:  West 
Greenwich,  Rhode  Island.  Send 
ad  &  resume:  Yen  C.  Chong. 
Amgen  Inc.,  One  Amgen  Center 
Dr.,  Thousand  Oaks,  CA  91320- 
1799.  Include  Ad#  02-412FV. 


Technology  Support  Mana¬ 
ger  -  for  non-profit  organiza¬ 
tion  to  manage  and  imple¬ 
ment  all  internal  IT  solutions 
including  network  support, 
troubleshooting,  and  inter¬ 
nal  helpdesks,  for  Windows 
2000,  XP,  and  Exchange 
Server  environments.  Posi¬ 
tion  requires  degree  or 
experience.  Send  cover  let¬ 
ter  and  resume  (no  calls)  to 
A.  Marano,  NPower  NY, 
145  W.  30th  St.,  8th  FI,  NY, 
NY  10001. 


WTR  Inc,  a  comp  cons  co. 
seeks  to  fill  the  following  posi¬ 
tions  in  Columbus,  Indiana. 

•  Programmer  Analyst  with 
strong  Oracle  skills.  Must 
have  BS  in  Comp  Sci,  Engg, 
or  Math  &  a  min  of  2  yrs  exp 

•  Business  Analyst  with 
Oracle  ERP  skills.  Must  have 
BS  in  Comp  Sci,  Engg  or 
Econ/Fin  &  2  yrs  exp 

Mail  R  &  CL  to  HR  Dept,  130 
W  30th  St.  12th  FI,  NY,  NY 
10001. 


Opportunities  in  Walnut  Creek, 
CA  and  Chicago.  Positions 
may  require  travel. 

•  Tech  Support  Engineer  (Mgr) 

•  Sales  Engineer 

Send  resume  to  Pointsec 
Mobile  Technologies,  Inc.,  Attn: 
HR,  1333  N.  California  Blvd. 
#445,  Walnut  Creek,  CA 
94596.  Fax  925-256-2501 
Email:  jobs@pointsec.com 


Software  Engineer:  Research, 
dsgn  &  dvlp  software  systems  & 
GUI  interfaces  using  Sun  Solaris. 
Windows  NT,  Websphere  Appln 
srvr.  MQ  Series.  Rational  Rose, 
VAJ.  JSP.  Quest  Toad.  DB2, 
Interbase  &  related  tools.  Perform 
functional  &  bus  reqrmnt  analysis. 
Customize/enhance/configure/inte¬ 
grate  s/ware  systems.  Dvlp  &  direct 
s/ware  sys  testing  procedure;  per¬ 
form  unit  &  integration  testing. 
Must  have  MS  or  eqvlnt  in  Comp. 
Sci  or  Comp  Eng  &  3  yrs  exp.  in 
s/ware  dsgn  &  dvlpmnt.  Job  in 
Chicago.  IL  &  other  locations. 
Competitive  Salary.  Apply  to  HR. 
Pixel  Information  Technology  Corp, 
3300  W  159th  St.  #206.  Markham. 
IL  60426.  FAX:  7082257763 

Software  Programmer.  Programs 
software  components  using  Visual 
C++  and  Visual  Basic;  debugs 
existing  software;  designs  and 
implements  interfaces  for  commu¬ 
nications  servers.  2  yrs.  college  in 
Computer  Science  required.  Two 
years  of  experience  in  job 
required.  40hrs/wk.  9:00  a.m.  to 
6:00  p.m.  $59, 238/year.  Applicants 
must  show  proof  of  legal  authority 
to  work  in  the  U.S.  Northwest 
Suburb  of  Chicago.  Send  resume 
to  ILLINOIS  DEPARTMENT  OF 
EMPLOYMENT  SECURITY;  401 
South  State  Street  -  7  North 
Chicago.  Illinois  60605;  Attention; 
Leonard  Boksa  Reference  #V-IL 
34630-B  an  employer  paid  ad.  No 
calls-send  2  copies  of  both  resume 
and  cover  letter. 

Sr  Programmer  Analyst. 
Design  s/ware  solutions 
using  COBOL,  MVS,  JCL, 
CICS,  or  Basic  and  com¬ 
mercial  DBs.  Bachelor 
degree  in  CS,  Eng'g, 
Business,  similar  field,  or 
equiv,  req'd,  as  is  4  yrs  as  a 
Sr  P/A  or  in  a  computer 
prog’g  position.  Competitive 
salary.  Resume  to  James 
D.  Cuniffe,  Technical 
Recruiter,  Sallie  Mae,  Inc., 
Job  #1915.26,  11000  USA 
Pkwy,  Fishers,  IN  46038. 

Computer  Programmer.  Plan, 
develop  &  test  data  ware¬ 
houses  Oracle/DB2  databas¬ 
es.  Provide  installation, imple¬ 
mentation  &  maintenance 

support.  Develop  documen¬ 
tation.  Provide  technical  sup¬ 
port.  Req:  BS  in  comp.  eng. 

40  hrs/wk.  Job/Interview  site: 

Glendale, CA.  Send  resume 

to  Satwic,  Inc.,  1205 
N.  Geneva  St.,  Glendale, CA 

91207. 

Software  Engineer  for  Columbus. 
OH  to  assist  in  plan/design/devel¬ 
op/test/document  computer  soft¬ 
ware  systems;  apply  principles 
and  techniques  of  comp  systems; 
assist  developing  and  directing 
software  system  testing  proce¬ 
dures.  programming  and  docu¬ 
mentation.  Bachelor's  in  Comp 
Sci  or  equiv  and  3  mos  in  job/job 
related  exp  req.  Exp  must  include 
UNIX.  C++.  Perl.  Java.  SQL 
(PgSQL),  UNIX  supervising 
(UNIX/Solaris),  Apache.  MPTG, 
SNMP,  ssh,  Free  TDS.  Resumes 
(no  calls)  to  699  Harrisburg  Pike, 
Columbus.  OH  43223.  EOE. 

Software  Engineer  (Columbus, 
OH):  Design,  analyze,  develop, 
test,  implement  &  maintain 
client/server  projects  on  UNIX, 
WINDOWS,  Design  &  analysis 
Database  using  Oracle 

Designer.  Server  side  dvlpmn't 
using  SQR,  PERL,  C,  COBOL, 
SQL  scripts.  Front-end  dvlpmn't 
using  Oracle  Developer,  Java, 
JFC,  VB6.0,  JavaScript  & 
HTML.  Test  w/  MS-Test/SQA 
Team  Test.  Req.  Bachelor's  or 
its  foreign  degree  equivalent  in 
C.S.,  C.S.E,  C.E.  or  other  engi¬ 
neering  field  +  2  yr.  exp.  in  job 
offered.  Resume  to:  HR  Mgr., 
SoftTech,  Inc.,  6025  The 
Corners  Pkwy,  Ste  204, 
Norcross,  GA  30092 

Forum  Systems  currently  has 
opportunities  in  Sandy.  UT  for  the 
following  positions.  ’Software 
Engineers/Consultants* 

'Must  be  available  to  travel  to 
various  and  unanticipated  work¬ 
sites  throughout  the  U.S. 
Positions  require  Master's  in  CS. 
Engineering,  or  related  field  and  2 
years  of  software  engmeenng  ex¬ 
perience  Expenence  must  include 

1 )  XML -based  encryption 

2)  SOAP 

3)  Cryptography. 

4)  EJB  development  and 

5)  6  sigma  project  methodologies 
Send  resumes  to:  Zak  Famngton. 
Forum  Systems.  45  West  10000 
South  Ste  415.  Sandy.  UT  84070 
(No  phone  calls) 

w.vw  forumsys.com 

Programmer  Analysts, 
minimum  education: 

Bachelor's  Degree  or 
equivalent.  Some  posi¬ 
tions  require  a  Master’s 
Degree  or  equivalent. 
Minimum  experience  - 
adequate  industry  expe¬ 
rience.  Please  send 
resumes  to  Northbound 
LLC,  Attn:  Leena  Menon, 
1999  South  Bascom 
Avenue,  Suite  1050, 
Campbell,  CA  95008. 

Systems  Analysts  to 

travel  throughout  USA. 

Skill  sets  include  JAVA, 

ASP,  XML,  Informix, 

Oracle,  &  SQL.  E-mail: 

resume@maruthi.com 

&  mail  to:  969  g 

Edgewater  Blvd,  #260, 

Foster  City,  CA  94404. 

Sr.  Software  Engineer  wanted 
by  legal  services  info  corp  in 
NYC  to  be  responsible  for 
high-level  architecture,  analy¬ 
sis,  design  &  development  of 
mission  critical  web  products 
built  on  Windows  DNA/.Net 
architecture.  C++,  COM, 
DCOM,  COM+/MTS/MSMQ, 
ALTCOM,  VC++,  C#,  .NET, 
XML,  ASP,  JavaScript, 
DHTML,  IIS,  SQL,  VB, 
Oracle.  Resumes  to  HR  Dept, 
CCH  Legal  Information 
Services,  1 1 1  8th  Ave,  NY,  NY 
10011. 


Paradigm  Infotech  is  looking  for 
programmer/system  analysts,  s/w 
engineers.  Candidate  must  have 
BS  with  at  least  one-year  IT  expe¬ 
rience.  Good  skills  in  C/C++,  Java, 
Oracle,  WebLogic,  VB,  HTML  are 
plus.  Traveling  is  required.  Apply 
iobs@Daradiqminfotech.com. 

EOE. 

Synova  Inc  is  seeking  profession¬ 
als  with  following  skills:  Program¬ 
mer/System  Analysts,  Engineers  in 
Mainframe,  Web  Tech,  Technical/ 
functional  (SAP  &  Peoplesoft), 
Java.  Rational/RUP,  UML,  J2EE, 
Unix  DBA,  Oracle,  SQL  DBAs. 
Respond  to  ads@svnovainc.com. 


Programmer  Analyst.  Develop 
computer  programs  using  Visual 
Basic,  ASP,  ER-Win,  Sybase, 
SQL  Server,  C,  C++,  SQL,  VB 
Scripts,  PowerBuilder.  Access, 
&Oracle.  Bachelor  degree  in 
CS,  or  similar  field,  or  equiv, 
req',  as  is  1  yr  of  exp  as  a  P/A  or 
in  a  computer  prog'g  position. 
Prior  exp  must  include  exp  w / 
Visual  Basic,  C,  &  ASP.  Compet¬ 
itive  salary.  Austin,  Texas,  loca¬ 
tion;  reassignments  possible. 
Resumes  to  S.  Puri,  Job 
#1629.71,  Business  Software 
Assoc,  Inc.,  8140  N.  Mopac, 
Bldg.  1,  Ste.  130,  Austin,  TX 
78759. 


Vision  Tech  has  several  openings 
for  IT  professionals  &  engineers. 
Degree  is  required.  Skills  in  Oracle. 
HTML.  VB.  SQL.  Java  will  be  used 
for  the  position.  We  offer  competi¬ 
tive  wage  with  full  benefits. 
Contact  r.rica@viBionatwork  com  or 
visit  our  web  www.visionatwork. 
com.  EOE. 


Programmer/System  Analysts. 
Software  Engineers  wanted  by 
Atserv,  Inc.  for  positions  located  in 
Michigan.  Minimum  requirement  is 
BS  plus  experience  using  Oracle, 
Visual  Age,  Visual  InterDev,  SDM 
(System  Development  Methodol¬ 
ogy).  Apply  at  i 
EOE. 


PROGRAMMER  wanted 
by  consulting  &  software 
development  firm  in 
Sugar  Land,  TX.  Requires 
degree  in  Computer 
Science.  Respond  by 
resume  to  Ms.  B.  Nelson, 
Recruiter,  J/S-#10,  Digital 
Consulting  &  Software 
Services,  One  Sugar 
Creek  Center  Blvd.,  Ste 
500,  Sugar  Land,  TX 
77478. 


Sure 

NetworkWorld, 
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Prices 

continued  from  page  1 

Indiantown,  Fla.,  since  2001,  the 
last  time  the  company  renewed 
its  two-year  contract.  When  the 
company  started  renegotiating  its 
contract  last  month,  Sprint  came 
hack  with  a  price  of  $886  per 
month  for  the  same  line,  which 
only  covers  local  access  for  Bay 
States  frame  connection. 

“They  just  won’t  budge.  We 
understand  prices  going  up,  I 
expected  that,  but  not  [by  that 
much]  (Yaworsky  says. 

After  pressure,  Sprint  reduced 
the  price  of  the  link  to  $700  per 
month,  but  Yaworsky  is  still  disap¬ 
pointed.  “We  are  resigning  with 
Sprint.  We’re  happy  with  every¬ 
thing  else;  their  service  is  great. 
But  now  we’re  just  signing  a  one- 
year  deal,”  he  says. 

Many  carriers  are  increasing 
their  low-speed  frame  prices. 
Most  long-haul  service  providers 
also  are  moving  in  this  direction. 

“Pricing  on  frame  relay  propos¬ 
als  is  rising  on  lower-speed  ser¬ 
vices.  This  is  such  a  repeatable 
trend  one  can  easily  generalize,” 
says  David  Rohde,  an  analyst  at 
consulting  firm  TechCalibur. 


■  BY  JOHN  COX 

SAN  JOSE  —  A  beta-test  version 
user  of  a  wireless  switch  being 
announced  this  week  by  start-up 
Airespace  says  the  device  has 
simplified  the  work  of  running 
and  securing  his  wireless  LAN. 

The  Airespace  4000  Wireless 
Switch  automatically  changes 
radio  channel  assignments  and 
radio  power  levels  to  optimize 
performance  for  1,100  users  at 
University  of  California,  Berkeley, 
says  Fred  Archibald,  network 
manager  of  the  university’s  elec¬ 
trical  engineering  and  computer 
sciences  department. 

“This  is  a  huge  win  for  us,”  says 
Archibald,  who  has  been  working 
for  about  six  weeks  with  the 
switch  and  its  accompanying  ac¬ 
cess  points 

The  switch  also  lets  network 
managers  at  the  department  set 
up  an  array  of  virtual  wireless 
LANs  (WLAN),  each  with  its  own 
access  privileges  and  security 
requirements. 

The  university’s  new  WLAN, 
which  consists  of  three  24-port 
Airespace  switches  and  26  Aire¬ 
space  1200  Access  Fbints,  eventu- 


“Users  who  have  a  low-speed 
frame  network  that  is  served  by 
one  provider  can  expect  diffi¬ 
culty  with  contract  renewals.” 

That’s  what  MoldFlow,  a  soft¬ 
ware  company  that  makes  prod¬ 
ucts  for  the  molded  plastic  parts 
industry  ran  into  with  AT&T  when 
it  was  time  to  renew  its  multina¬ 
tional  frame  relay  contract. 
MoldFlow  has  a  frame  relay  net¬ 
work  that  connects  multiple  sites 
in  the  U.S.  and  two  overseas  on 
links  that  max  out  at  256K  bit/sec, 
says  Rick  Thimble,  manager  of  IT 
at  the  Wayland,  Mass.,  company. 

AT&T’s  contract  proposal  had 
prices  that  were  nearly  20%  more 
than  MoldFlow  was  paying.“I  was 
surprised,”  Thimble  says.  “We  sim¬ 
ply  did  not  have  any  more  dollars 
in  the  budget  to  support  the 
higher  prices.” 

Thimble  considered  lowering 
bandwidth  at  each  site  to  reduce 
the  cost  of  his  contract,  but  he 
feared  that  would  lead  to  bottle¬ 
necks  because  MoldFlow  regular¬ 
ly  ships  software  code  between 
offices.  The  company  explored 
different  service  options  with 
AT&T,  including  its  IP  Enabled 
Frame  Relay  service,  but  Thimble 
says  that  would  have  cost  more 


ally  will  supplant  a  traditional  dis¬ 
tributed  WLAN  of  36  access 
points  that  were  simply  plugged 
into  Ethernet  switches.  “This  [tra¬ 
ditional]  technique  doesn’t  scale 
up  very  well,”  Archibald  says. 

Kevin  Tolly  president  and  CEO 
of  The  Tolly  Group,  an  indepen¬ 
dent  research  and  testing  com¬ 
pany  says  WLAN  switch  vendors 
such  as  Airespace  are  pushing  the 
idea  that  “you  can’t  keep  plugging 
access  points  into  your  wired 
[network]  edge  and  have  an 
enterprise-scale  wireless  system 
....  I  agree  with  that.” 

But  Tolly  says  companies  should 
take  a  detailed  look  at  this  emerg¬ 
ing  class  of  product.  “Vendors 
have  their  own  view  of  the  wire¬ 
less  universe,”  he  says." [If  you  buy 
their  products] ,  you  need  to  em¬ 
brace  their  philosophy  and  buy 
into  their  architecture.” 

Airespace  is  the  latest  in  a  pack 
of  mainly  venture-funded  start¬ 
ups  that  are  trying  to  extend  to 
WLANs  the  kind  of  control,  man¬ 
agement  and  security  that  net¬ 
work  executives  are  used  to  in 
wired  networks. 

There’s  no  formal  definition  fora 
WLAN  switch.  And  these  devices 


High-speed 

High-speed  frame  closing 
the  gap  . . .  slowly. 

Frame  relay  ports  shipped  (in  thousands) 


SOURCE:  VERTICAL  SYSTEMS 


than  a  new  frame  contract. 

“It  got  to  a  point  where  we 
could  no  longer  do  business  with 
AT&T,”  he  says.  MoldFlow  is  ditch¬ 
ing  its  frame  relay  network  for  a 
fully  managed  IP  VPN  service 
from  Cable  &  Wireless. 

“We  will  have  four  times  as 
much  bandwidth  in  most  loca¬ 
tions,  and  we’re  paying  less  for  it," 
Thimble  says.  AT&T  did  come 
back  to  MoldRow  to  make  the 
company  aware  of  its  managed 
IP  VPN  service,  but  at  that  point  it 
was  too  late,  he  says. 

Although  AT&T  tried  to  increase 
MoldFlow’s  frame  relay  contract 


can’t  allocate  the  bandwidth  of  a 
shared  medium,  the  radio  spec¬ 
trum  (the  one  exception  is 
Vivato,  which  uses  phased  array 
antennas  to  play  three  radio 
beams  over  a  group  of  wireless 
clients).  Symbol  Technologies 
last  year  released  the  first  switch¬ 
like  product. 

The  12-  and  24-port  Airespace 
switches  fit  in  a  wiring  closet  rack, 
and  support  an  array  of  upstream 
network  connections  to  a  wired 
infrastructure.  The  software  is  the 
key  difference  from  a  Layer  2 
Ethernet  switch.  The  Airespace 
code  creates  a  centralized  secur¬ 
ity  and  management  framework 
that  can  use  the  access  points  as 
radio  monitors,  and  pin  security 
policies  to  wireless  users  no  mat¬ 
ter  where  they  move. 

The  Airespace  access  point  in¬ 
corporates  security  and  manage¬ 
ment  software  so  the  switch  can 
control  it.  Among  other  features, 
the  access  point  continuously 
sweeps  the  surrounding  air  for 
unauthorized,  or  rogue,  access 
points  and  clients.  It  can  “capture” 
these  devices  and  block  their 
access  into  an  enterprise  net¬ 
work,  the  company  says. 


by  20%,  the  carrier  says  that  its 
low-speed  frame  has  gone  up 
only  5%  on  average,  says  Steve 
Sobolevitch,  vice  president  for 
AT&T  Business  service  pricing. 
AT&T  chalks  up  most  of  the 
increase  to  local  access  charges, 
but  also  notes  the  need  to  raise 
prices  to  drive  up  revenue 
throughout  the  industry 

Sprint  says  that’s  why  it  raised  its 
rates. 

“Some  of  the  low-speed  ports 
are  not  profitable,”  says  Bob  Lan- 
don,  senior  director  of  strategic 
pricing  at  Sprint.  The  market 
changed  mid-2002,  which  “al¬ 
lowed  us  to  reassess  pricing.  It 
gave  everyone  an  opportunity  to 
reassess  the  profitability  of  ser¬ 
vices,”  Landon  says.  “We  have 
some  customers  that  signed  con¬ 
tracts  a  couple  of  years  ago  with 
prices  that  are  simply  no  longer 
available.” 

“We’re  not  trying  to  gouge  peo¬ 
ple;  we’re  trying  to  make  money 
so  we  can  produce  a  profit,”  he 
adds.  Users  could  see  10%,  20%, 
30%,  40%  and  even  50%  price 
increases  depending  on  the  num¬ 
ber  of  low-speed  frame  relay 
nodes  they  have,  he  says.  For 
example,  a  customer  with  500 


Airespace  says  it  will  announce 
a  shipment  date  and  pricing  for 
the  products  around  the  middle 
of  the  year. 

Airespace,  initially  Blackstorm 
Networks,  has  raised  $15.5  million 
in  venture  funding.  Its  manage¬ 
ment  team  comes  from  Metri¬ 
com,  Packeteer, Sun  and  others.* 
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56/64K  bit/sec  frame  relay  con¬ 
nections  could  see  rate  increases 
at  the  higher  end  of  Sprint's  range 
compared  with  a  customer  that 
may  have  10  to  20  low-speed  lines 
in  addition  to  10  to  20  high-speed 
frame  relay  lines. 

The  pressure  to  increase  rev¬ 
enue  is  driving  rate  increases,  but 
low-speed  was  never  as  profitable 
as  high-speed  frame.  Supporting 
low-speed  frame  relay  is  more 
costly  for  carriers,  says  Rick 
Malone,  principal  at  consulting 
firm  Vertical  Systems  Group.  It 
costs  as  much  for  a  carrier  to 
maintain  a  low-speed  port  as  it 
does  a  high-speed  port,  but  the 
latter  brings  in  “three  to  four  times 
the  revenue,”  he  says. 

Despite  its  Chapter  11  filing, 
WorldCom  is  raising  rates.the 
company  says  it,  too,  has  in¬ 
creased  low-speed  frame  relay 
prices  three  times  over  the  past  six 
months  by  5%  to  8%  per  instance. 

There  are  steps  customers  can 
take  to  help  keep  price  increases 
in  check,  experts  say; 

•  Avoid  long-term  contracts. 

•  Work  with  multiple  services 
providers.  Diversifying  network 
providers  is  sometimes  more  dif¬ 
ficult  with  small  to  midsize  net¬ 
works,  but  it  shows  an  incumbent 
carrier  that  a  user  is  willing  to 
take  new  business  elsewhere. 

•  Keep  an  eye  on  the  incum¬ 
bent  local  exchange  carriers  that 
say  they  plan  to  more  aggressively 
go  after  new  business  and  may 
offer  lower  rates  this  year. 

•  Talk  with  your  incumbent  car¬ 
rier  about  next-generation  data 
services  such  as  Multi-protocol 
Label  Switching  offerings.* 

Get  more  information  online. 
DocFinder:  5040 
www.nwfusion.com 
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BackSpin 


Mark  Gibbs 


Worser  and  worser  laws 


“Although  the  Santa  Cmz  Library 
makes  every  effort  to  protect  your  pri¬ 
vacy,  under  the  federal  USA  PATRIOT 
ACT  ( Public  Law  107-56),  records  of 
the  books  and  other  materials  you 
borrow  from  this  library  may  be 
obtained  by  federal  agents. . . .  Questions  about  policy 
should  be  directed  to  Attorney  General  John  Ashcroft, 
Department  of  Justice,  Washington  D.  C.  20530." 

—  Sign  in  a  Santa  Cmz  public  library. 

Yes,  it  is  true.  Hidden  inside  H.R.  3162,  the  USA 
Patriot  Act,  there  is  a  section  titled  “Access  to  records 
and  other  items  under  the  foreign  intelligence  sur¬ 
veillance  act.”This  section  gives  the  FBI  carte  blanche 
to  find  out  what  you  read  and  watch.  Honest. 

What  is  required  is  an  agent  asserts  your  media 
selection  details  are  “relevant”  to  an  investigation 
and  a  warrant  will  be  issued  by  a  secret  judge. 

And  you  don’t  have  to  be  suspected  of  anything 
for  the  FBI  to  ask  for  your  records.  At  one  time  “prob¬ 
able  cause”  had  to  be  demonstrated,  tying  the  need 
for  data  directly  to  a  crime  or  evidence  of  a  crime 
but,  alas,  no  more.  And  the  librarian,  bookshop  or 
video  shop  owner  is  prohibited  from  telling  you  that 
you  are  being  investigated! 

Getting  worried?  Then  this  is  going  to  really  tick 
you  off:  Under  the  wording  of  the  latest  draft  of  the 


Patriot  II  Act,  using  encryption  in  the  commission  of 
a  crime  attracts  additional  penalties  much  as  using  a 
gun  in  a  robbery  does. 

Say  you  failed  to  pay  state  tax  on  an  Internet  pur¬ 
chase  (you  did  know  you  are  responsible  for  report¬ 
ing  such  purchases,  right?  —  see  Doc-Finder:  5044). 
Because  you  probably  made  the  purchase  using  a 
Secure  Sockets  Layer  encrypted  link, you  could  face 
five  extra  years  for  the  offense,  according  to  an 
Associated  Press  report  (DocFinder:  5045). 

That  is  unlikely  to  happen,  as  the  AP  story  points 
out.  But  there  could  be  a  risk  for  corporations  if  a 
zealous  prosecutor  was  determined  to  “get"  them. 

Worse  still,  a  number  of  states,  including  Massachu¬ 
setts, Texas,  Alaska  and  Colorado,  have  draft  bills  that 
propose  to  extend  the  dreaded  Digital  Millennium 
Copyright  Act  such  that  the  use  of  routers,  firewalls 
and  VPNs  would  be  illegal!  No  kidding. 

The  Colorado  bill  (HB  03-1303, see  DocFinder: 
5046)  is  a  typical  example  of  the  wording  of  these 
bills:  “A  person  commits  a  violation  ...  if  he  or  she 
possesses,  uses,  manufactures,  develops,  assembles, 
distributes,  transfers,  imports  into  this  state,  licenses, 
leases, sells,  offers  to  sell,  promotes  or  advertises  for 
sale,  use  or  distribution  any  communication  device 
...  to  conceal  or  to  assist  another  to  conceal  from 
any  communication  service  provider ...  the  exis¬ 
tence  or  place  of  origin  or  destination  of  any  com- 
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munication  that  utilizes  a  communication  device.” 

Again,  common  sense  tells  you  that  this  is  unlikely 
to  be  interpreted  so  broadly  as  to  make  routers, 
VPNs  and  firewalls  illegal,  but  it  is  not  actually  cer¬ 
tain.  And  the  use  of  any  encryption  or  network 
address  translation  or  anonymizing  service  of  any 
kind  will  make  it  easy  for  the  government  to  request 
a  warrant  to  see  what’s  going  on  “just  in  case.” 

All  this  legislation  and  its  weird  implications 
demonstrate  The  Law  of  Unintended  Consequences. 
The  Concise  Encyclopedia  of  Economics  (DocFinder: 
5047)  defines  this  law  as:“[the]  actions  of  people  — 
and  especially  of  government  —  always  have  effects 
that  are  unanticipated  or ‘unintended.’  Economists 
and  other  social  scientists  have  heeded  its  power  for 
centuries;  for  just  as  long,  politicians  and  popular 
opinion  have  largely  ignored  it.” 

And  nowhere  do  unintended  consequences  cause 
more  problems  than  in  IT.This  legislation  needs  to 
be  watched  carefully.  If  we  don’t  pay  attention,  in  the 
next  few  years  we’ll  see  business  handcuffed  by 
invasive  and  repressive  laws  simply  because  no  one 
thought  them  through. 

Of  course,  one  thing  we’ll  be  sure  of: The  FBI  will 
be  able  to  tell  us  what  we  were  reading  while  we 
weren’t  paying  attention. 

Book  lists  to  backspin@gibbs.com. 


uzz  News,  insights,  opinions  and  oddities 


By  Paul  McNamara 

A  dumb  idea  at  exactly  the  wrong  time 

Few  political  pronouncements  are  more  easily 
ignored  than  one  from  a  congressman  making  the 
case  for  goods  or  services  sold  by  a  company  in  his 
or  her  district. 

Contrary  to  popular  suspicion,  it's  not  even  neces¬ 
sary  for  the  provider  of  such  goods  and  services  to 
wave  a  campaign  contribution  under  the  lawmaker's 
nose  to  assure  a  full-throated  defense  of  the  homegrown  product  —  although  such 
tributes  are  common  and  highly  recommended.  No,  going  to  bat  for  hometown 
employers  —  even  if  they  make  buggy  whips;  even  if  they  make  lousy  buggy  whips 
is  a  time-honored  political  tradition  along  the  lines  of  cutting  ribbons  and  kissing 
babies.  It's  a  big  part  of  what  gets  our  public  servants  into  office  and  keeps  them 
there  until  we  can’t  stand  to  hear  them  yap  for  one  more  blessed  minute. 

So  on  that  score  it’s  easy  to  understand  —  and  quickly  brush  aside  —  the 
recent  letter  that  U.S.  Rep.  Darrell  Issa  (R-Qualcomm)  directed  to  Secretary  of 
Defense  Donald  Rumsfeld,  who  needs  such  distractions  these  days  like  our  sol¬ 
diers  need  more  sand  in  their  boots.  As  you  might  have  read,  Issa  and  30  cosign¬ 
ing  lawmakers  are  urging  Rumsfeld  to  pause  from  his  battle  strategizing  for  a 
moment  and  reverse  an  Army  plan  to  build  a  wireless  network  in  postwar  Iraq 
based  on  GSM  technology.  GSM  is  the  widely  accepted  standard  throughout 
most  of  the  world,  including  the  Middle  East.  Instead,  these  lawmakers  want  to 
see  that  network  based  on  CDMA,  which  has  been  the  technology  of  choice  by 
some  iarge  carriers  herein  the  states. 

More  to  he  point  —  at  least  Rep.  Issa’s  point  —  is  that  CDMA  technology  is 
bread  and  butter  to  Qualcomm,  which  is  located  in  San  Diego. . .  which  is  the 
heart  c*  ssa's  district.  The  lawmaker  also  has  hitched  his  cause  to  the  France- 


bashing  bandwagon  that  has  flattened  even  the  lowly  French  fry:  It  seems  the 
ancestry  of  today's  GSM  technology  can  be  traced,  in  part,  to  that  country. 

“We're  going  to  be  in  a  position  where  we  are  spending  U.S.  taxpayer  dollars  to 
set  up  a  communications  system  for  the  Iraqi  people,”  Issa  told  the  Associated 
Press.  "It  seems  logical  to  give  a  preference  to  U.S.  companies  and  U.S.  jobs.” 

Yes,  it’s  logical,  as  long  as  you're  a  politician  whose  grasp  of  tf\e  big  picture 
extends  as  far  as  the  San  Diego  city  limits. 

It  should  make  no  sense  at  all  to  anyone  else.  Issa's  plea  is  tantamount  to 
demanding  that  U.S.  companies  get  first  dibs  on  selling  wool  hats  and  mittens  to 
the  Iraqis.  Not  exactly  a  good  fit. 

Ever  since  Issa  opened  this  can  of  worms,  honest-to-goodness  experts  on  wire¬ 
less  technology  have  painstakingly  pointed  out  to  the  fellow  that  GSM  makes 
sense  for  Iraq,  if  for  no  other  reason  than  it's  dominant  in  the  neighboring  coun¬ 
tries  of  Turkey,  Kuwait,  Saudi  Arabia  and  Israel.  Newly  liberated  Iraqis  no  doubt 
will  want  to  do  a  bit  of  roaming. 

As  for  GSM  being  a  “foreign”  technology  —  whatever  that  means  —  it  has  been 
noted  that  a  significant  number  of  U.S.  companies  have  skin  in  the  GSM  game, 
including  AT &T  Wireless,  Cingular  and  T-Mobile,  which  have  opted  for  a  GSM- 
based  technology  (GPRS)  in  their  next-generation  networks. 

None  of  which  is  what's  worst  about  Issa’s  ill-conceived,  ill-timed  offensive. 

That  would  be  the  impression  it  creates  not  only  in  Iraq  but  the  rest  of  the 
world.  At  a  time  when  the  Bush  administration  and  our  military  are  striving  to 
present  this  war  as  a  liberation  effort  —  with  limited  success  —  the  last  thing 
they  need  is  for  a  band  of  U.S.  politicians  to  show  themselves  as  first  and  fore¬ 
most  profiteers. 

Why  it's  nothing  less  than  unpatriotic. 

E-mail  remains  the  dominant  technology  for  communicating  with  the  columnist. 
Direct  yours  to  buzz@nww.com. 


An  increasingly  mobile  workforce 
opens  your  network  up  to  a  host  of  threats, 
both  accidental  and  intentional. 

Bring  'em  on. 


The  only  place  to  securely  meet  the  challenges  that  a  mobile 
workforce  brings  to  a  network  is  at  the  point  where  people  connect. 
The  HP  ProCurve  Adaptive  EDGE  Architecture  affordably  puts 
intelligence  and  control  at  the  edge  of  the  network,  giving  you  the 
power  to  easily  adapt  to  future  needs  as  new  wired  and  wireless 
mobility  solutions  are  implemented. 

With  industry-standard  switches  like  the  HP  ProCurve  5300x1  series, 
you  can  cost-effectively  deploy  user  and  security  applications  at  the 
point  of  connection.  It  immediately  recognizes  the  user  and  the  types 
of  services  and  access  they  are  permitted  to  have,  preventing 
unauthorized  traffic  and  potential  threats. 

To  schedule  a  free  network  design  and  to 
learn  how  HP  ProCurves  affordable  solutions  can  help  you  meet 
current  and  future  needs  for  mobility,  security  and  convergence, 
call  1-800-477-6111,  ext.  41682,  or  visit  hp.com/go/procurve. 
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Everything 

you  need 
in  a  router 
(at  half 

Mpl 

Introducing  the  NetVanta  3000  Series  from  ADTRAN . 


■  Cost-effective  access 
routing  for  branch  office 
connectivity  and 
Internet  access 

■  Recognizable  Command 
Line  Interface  (CLI) 

■  No  retraining  or 
costly  certification 

■  Built-in  stateful 
inspection  firewall 

■  Interoperable  with  other 
standards-based  routers 

■  Optional  PBX  connectivity 

■  Optional  dial 
backup  system 


This  powerful  new  access  router  from  ADTRAN  is  everything  you 
need  in  a  router,  and  then  some,  at  a  cost  that’s  up  to  55  percent 
less  than  other  brand  name  routers.  This  high-quality,  low-cost 
alternative  features  a  stateful  inspection  firewall,  a  DSU/CSU,  and  a 
familiar  CLI.  Comprehensive  dial  backup  and  PBX  connectivity  are 
available  at  a  minimal  cost.  Interoperable  with  other  standards-based 
routers,  the  NetVanta  3000  Series  fits  seamlessly  into  your  existing 
network.  Backed  by  unlimited  telephone  support  and  a  5-year 
warranty,  the  NetVanta  3000  Series  is  clearly  the  intelligent  choice. 


New  vendor  to  routing?  No  way!  ADTRAN  has  incorporated  its 
router  technology  into  selected  WAN  connectivity  products  for  the 
past  five  years;  with  more  than  75,000  now  installed  in  networks 
around  the  world.  The  NetVanta  3000  Series  is  the  latest  in  a  long 
line  of  market-leading  internetworking  and  connectivity  solutions, 


■  Built-in  DSU/CSU  for 
WAN  termination 

■  Free  24x7  telephone 
technical  support 

*  Optional  extended 
installation  and 
maintenance  program 


•  INTERNET 
TELEPHONY 
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from  a  company  with  a  17-year  history  of  customer  satisfaction 

Dare  to  compare  the  new  NetVanta  3000  Series 

www.adtran. com/in  fo/netvanta3000 

877.212.0327  Technical  Questions 
877.280.8416  Where  to  Buy 


Experts  choose  ADTRAN! 
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